vault-compact
Pass
Audited by Gen Agent Trust Hub on May 24, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill directs the agent to perform extensive file system operations, including reading markdown content, writing consolidated files, and archiving original files to a separate directory (SKILL.md).
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes user-provided markdown files. Malicious instructions within these files could influence the agent's behavior during the merging process.
- Ingestion points: Markdown files discovered within the target directory (SKILL.md).
- Boundary markers: Absent; there are no instructions to use delimiters or ignore embedded instructions when reading note content (SKILL.md).
- Capability inventory: Local file system access for reading, writing, and moving files (SKILL.md).
- Sanitization: Absent; the skill does not specify any filtering or validation of the markdown content before merging (SKILL.md).
Audit Metadata