tech-decision
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill workflow involves scanning public community platforms (Reddit, Hacker News, Dev.to) and external documentation which are untrusted data sources.
  - Ingestion points: External data enters the context via the dev-scan skill (community opinions) and docs-researcher (external guides/docs).
  - Boundary markers: The prompt instructions do not specify any delimiters (e.g., XML tags or triple quotes) or 'ignore instructions' warnings to prevent the agent from obeying malicious commands embedded in forum posts or third-party documentation.
  - Capability inventory: Data is processed by tradeoff-analyzer and decision-synthesizer agents to generate final reports. While these agents appear limited to text generation, malicious data could bias the decision-making process or attempt to leak context in the synthesized output.
  - Sanitization: No sanitization or validation logic is defined for the content retrieved from community sources.
Audit Metadata