Skills
skills/maneeshanif/ai-employee-hackathon-spec-driven/ceo-briefing/Gen Agent Trust Hub

ceo-briefing

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes data from external files without sanitization or boundary markers.
  • Ingestion points: The script scripts/generate_briefing.py reads content from files within the vault's /Accounting/, /Done/, and /Tasks/ directories, as well as Business_Goals.md.
  • Boundary markers: There are no specific delimiters or instructions to ignore potential commands embedded within the task titles, transaction notes, or goal descriptions processed by the script.
  • Capability inventory: The skill possesses the Write and Edit tools via frontmatter configuration, and the included Python script writes generated reports directly to the filesystem. If the agent subsequently processes the generated report, injected instructions could influence downstream actions.
  • Sanitization: No sanitization, escaping, or validation of the content read from the vault files is performed before it is interpolated into the markdown briefing template.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 10:43 PM
Security Audit — agent-trust-hub — ceo-briefing