foundation-stakeholder-briefings
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized operations were detected in the skill files. The skill operates purely within the text-processing capabilities of the agent.
- [PROMPT_INJECTION]: The skill processes untrusted source artifacts (e.g., PRDs, research notes) in SKILL.md, creating a potential surface for indirect prompt injection. This is mitigated by a 'projection rule' requiring all briefings to trace back to a neutral master document and instructions for human review of the generated content.
- Ingestion points: Source artifacts are processed in SKILL.md (Step 1).
- Boundary markers: Briefing blocks are delimited by BEGIN and END markers.
- Capability inventory: The skill has no access to dangerous tools like shell execution or network requests.
- Sanitization: No automated sanitization is present, relying on the logical trace-back rule for safety.
Audit Metadata