decision-mapping
Pass
Audited by Gen Agent Trust Hub on Jun 27, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its handling of decision map files.
- Ingestion points: The skill loads an entire Markdown decision map into the agent's context during the 'Resume' workflow step (SKILL.md).
- Boundary markers: No delimiters (such as XML tags) or instructions to ignore embedded commands are specified for the loaded content.
- Capability inventory: The skill can trigger the '/prototype' skill, which involves writing and testing code, and it performs file write and update operations on the local system.
- Sanitization: There is no process described for sanitizing or validating the contents of the decision map before it is used as context.
- [NO_CODE]: The skill does not contain any executable scripts, binaries, or source code files, relying solely on Markdown instructions.
Audit Metadata