vault-index
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface
- Ingestion points: The skill reads content from the
notes/,projects/, andresources/directories to build an index (SKILL.md). - Boundary markers: Absent; there are no specific instructions or delimiters used to ensure the agent ignores potential commands embedded within the scanned vault files.
- Capability inventory: The skill is authorized to modify the
index.mdfile based on retrieved content (SKILL.md). - Sanitization: Absent; the workflow does not include steps to sanitize, escape, or validate the content of the files before they are processed by the agent.
Audit Metadata