ai-incident-postmortem-template

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the ingestion of untrusted incident evidence data.\n
  • Ingestion points: The logic.prompt file and SKILL.md instructions require reading an "evidence pack for this incident" and an "incident timeline." These sources typically include unvalidated logs, user prompts, and AI outputs from the incident period.\n
  • Boundary markers: The skill lacks explicit boundary markers or instructions to prevent the agent from executing instructions that might be embedded in the evidence pack.\n
  • Capability inventory: Based on the provided files, the agent's capabilities are limited to reading local files and writing the resulting postmortem to a markdown file (AI_Postmortem_<incident_id>.md). No subprocess calls or network operations were found.\n
  • Sanitization: There is no evidence of sanitization, filtering, or validation of the ingested evidence data before it is processed by the LLM.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 04:46 PM
Security Audit — agent-trust-hub — ai-incident-postmortem-template