vault-concepts
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [NO_CODE]: The skill (SKILL.md) consists exclusively of markdown instructions and metadata, containing no executable scripts, binaries, or shell commands.
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection by processing data from uncontrolled local sources.
- Ingestion points: The agent is instructed to scan all files within the 'notes/', 'projects/', and 'resources/' directories (SKILL.md).
- Boundary markers: The instructions lack delimiters or specific directives for the agent to ignore embedded instructions within the scanned documents (SKILL.md).
- Capability inventory: The agent is permitted to create new files in 'notes/concepts/', update the 'index.md' file, and modify cross-references in existing notes (SKILL.md).
- Sanitization: The skill does not provide methods for sanitizing, escaping, or validating the content read from notes before it is used to influence agent actions (SKILL.md).
Audit Metadata