vault-management

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by design, as it ingests untrusted data from external sources (e.g., emails and WhatsApp messages) into the 'Inbox/' directory for processing into plans and actions.
      • Ingestion points: The 'Inbox/' and 'Needs_Action/' directories are used to store raw incoming data for agent processing, as defined in SKILL.md and reference.md.
      • Boundary markers: The skill lacks instructions for the agent to utilize boundary markers or ignore embedded instructions when reading content from ingested files.
      • Capability inventory: The agent is granted powerful capabilities including 'Bash', 'Write', 'Edit', and 'Grep' (SKILL.md).
      • Sanitization: There is no evidence of a sanitization or validation process for external content before it is processed into actionable plans.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 9, 2026, 10:43 PM