ubiquitous-language
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a documentation tool that extracts domain concepts and saves them to a local markdown file. It does not perform network requests, access sensitive credentials, or execute commands.
- [PROMPT_INJECTION]: The skill processes untrusted conversation data and reads from a local file, creating a surface for indirect prompt injection. However, the risk is negligible as the skill's capabilities are limited to writing static markdown documentation.
- Ingestion points: Conversation history and the local
UBIQUITOUS_LANGUAGE.mdfile. - Boundary markers: Lacks specific delimiters to isolate user-provided content from instructions.
- Capability inventory: Local file system access is limited to writing and updating a single markdown file.
- Sanitization: No explicit content validation or escaping is defined for the extracted terminology.
Audit Metadata