feedback
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [SAFE]: Static analysis of the skill's instructions and references shows no evidence of malicious intent, data exfiltration, or obfuscation.
- [NO_CODE]: The skill is implemented entirely in Markdown and does not include any Python, Node.js, or shell scripts, eliminating the risk of unauthorized command execution or remote code vulnerabilities.
- [PROMPT_INJECTION]: The skill instructions direct the agent to read local context files from the .agents/ directory. This creates a surface for indirect prompt injection should those files contain untrusted content. However, the skill lacks any capabilities—such as network access or file-writing tools—to exploit such an injection. Ingestion points: .agents/em-context.md and files within .agents/reports/; Boundary markers: None; Capability inventory: None; Sanitization: None.
Audit Metadata