goal-manager

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill consists of instructional markdown files that define a process for goal tracking and objective setting. It contains no executable code, remote dependencies, or network operations.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes user-supplied task descriptions to generate structured objectives, which creates an inherent surface for indirect prompt injection.
  • Ingestion points: User requests are ingested via the workflow described in SKILL.md and exemplified in references/examples.md.
  • Boundary markers: The instructions do not specify the use of delimiters or sanitization when incorporating user input into the final objective.
  • Capability inventory: The resulting goals can encompass file implementation, system verification, and pull request creation.
  • Sanitization: No explicit sanitization or validation of user-provided requests is requested before they are used to scope the agent's work.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 11:09 AM
Security Audit — agent-trust-hub — goal-manager