oai-submission
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs static analysis on project source files such as app/mcp/route.ts and flow definitions to inventory tools and flow logic. This behavior is transparent and aligned with the stated purpose of generating submission documents.
- [SAFE]: The skill integrates with Notion to create and populate formatted pages. It explicitly requests a parent page ID and deployment URL from the user, maintaining user oversight and control over the destination.
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface:
- Ingestion points: Analyzes multiple codebase files listed in SKILL.md (Step 2).
- Boundary markers: No specific delimiters or instructions to ignore embedded content are specified.
- Capability inventory: Utilizes a Notion create-pages tool.
- Sanitization: No explicit sanitization of codebase content before processing for documentation is mentioned.
Audit Metadata