vault-challenge
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious behavior or high-risk patterns were detected. The skill instructions define a legitimate workflow for document analysis.
- [PROMPT_INJECTION]: The skill processes content from local markdown files, creating a surface for indirect prompt injection. This is evaluated as safe as it is central to the skill's purpose and lacks any secondary malicious instructions or exfiltration vectors.
  - Ingestion points: Vault notes (markdown files) from the directory specified in the parameters.
  - Boundary markers: Absent; the workflow assumes the agent can distinguish between note content and analysis instructions.
  - Capability inventory: Reading file content and writing/updating local markdown files.
  - Sanitization: No explicit input sanitization or instruction to ignore embedded commands is present.