skills/szoloth/skill-pack/master/Gen Agent Trust Hub

master

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE; flagged categories: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection. It is designed to ingest and process external reference documents provided by the user or found via keywords. Malicious instructions embedded within these documents could potentially influence the agent's behavior during the coaching cycle.
      • Ingestion points: Reference documents specified in the /master [mode] [doc-path-or-keyword] commands (SKILL.md).
      • Boundary markers: None. The instructions do not specify delimiters or warnings for the agent to ignore instructions found within the reference material.
      • Capability inventory: The skill requires file read access to reference documents and both read/write access for tracking progress via [doc-stem].mastery.json and [doc-stem].cases.md (SKILL.md).
      • Sanitization: None observed. The agent processes extracted concepts directly from the source material.
  • [COMMAND_EXECUTION]: The skill instructions direct the agent to perform local file system operations to maintain state and build a case library. While these operations are scoped to the directory of the reference document, they represent an active use of file manipulation tools based on document content.
      • Evidence: The skill creates and updates [doc-stem].mastery.json and appends data to [doc-stem].cases.md (SKILL.md).
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 14, 2026, 09:47 PM