task-start
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides procedural guidance for task management and project alignment without introducing security risks.
- [PROMPT_INJECTION]: The skill defines a surface for processing untrusted user input and existing project documentation during the alignment phase.
- Ingestion points: User-provided requirements and historical project documents (
docs/decisions/,MEMORY.md). - Boundary markers: The skill incorporates a mandatory "Requirement Alignment" step where the agent must confirm its understanding with the user via specific questions, serving as a functional boundary.
- Capability inventory: The agent performs local file searches using
grepand creates planning/prototype documents within the project's designated documentation directories. - Sanitization: No programmatic sanitization is defined, but the structured workflow and required user confirmation mitigate the risk of accidental instruction obedience from data.
- [COMMAND_EXECUTION]: Uses the standard
greputility to search local project documentation, which is a common and safe operation in this context.
Audit Metadata