Skills
skills/quinteroac/reelpod-studio/create-project-context/Gen Agent Trust Hub

create-project-context

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to its reliance on external, untrusted data for generating documentation.\n
  • Ingestion points: The skill reads and processes content from it_{iteration}_product-requirement-document.md, it_{iteration}_PRD.json, and AGENTS.md (SKILL.md).\n
  • Boundary markers: No explicit delimiters or instructions are provided to the agent to isolate or ignore potentially malicious instructions embedded within the ingested files.\n
  • Capability inventory: The skill possesses file-writing capabilities, specifically for .agents/PROJECT_CONTEXT.md, .agents/PROJECT_CONTEXT_archive.md, and state.json (SKILL.md).\n
  • Sanitization: The skill does not implement validation or sanitization of the content extracted from external files before it is written to the project's context documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 01:37 PM
Security Audit — agent-trust-hub — create-project-context