knowledge-management
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is composed entirely of markdown documentation and organizational patterns. It contains no executable scripts, binaries, or configuration files.
- [PROMPT_INJECTION]: The instructions focus on information architecture and do not contain patterns intended to manipulate the agent's core safety guidelines or extract system prompts.
- [DATA_EXFILTRATION]: There are no network-enabled commands or instructions to exfiltrate data. The skill suggests local file storage for notes and documentation in paths like thoughts/ and .claude/.
- [REMOTE_CODE_EXECUTION]: The skill does not download external code or execute scripts at runtime.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by instructing the agent to process external data sources like commit messages and PR descriptions. 1. Ingestion points: Commit messages, PR descriptions, meeting notes, and error logs (SKILL.md). 2. Boundary markers: None. 3. Capability inventory: The skill performs no subprocess calls, execution, or network operations. 4. Sanitization: None.
Audit Metadata