ir-disclosure-management
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely instructional and provides a manual checklist for an agent to follow when reviewing financial or IR materials. It does not utilize any tools or execute shell commands.
- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill reads a project-level configuration file (
../../CLAUDE.md) to establish context. This is a standard practice for project-specific instructions and does not involve accessing sensitive system credentials or exfiltrating data to external domains. - [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and review user-provided IR materials. While this creates an input surface for indirect injection, the skill lacks the capabilities (such as file-system write access or remote code execution) required to escalate such an injection into a security threat. Findings are as follows:
- Ingestion points: Processes user-supplied text and IR documents (SKILL.md).
- Boundary markers: None explicitly defined for the external data.
- Capability inventory: No subprocess calls, network operations, or file-writing tools identified.
- Sanitization: None detected, however, no dangerous tools are available to be exploited.
Audit Metadata