solution-scoping
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Prompt Injection (SAFE): No malicious bypass or override patterns were detected in the instructions.
- Data Exposure & Exfiltration (SAFE): The skill does not access sensitive credentials or perform network requests; it only saves data to a local design document.
- Remote Code Execution (SAFE): No execution of untrusted code or remote dependencies was identified.
- Indirect Prompt Injection (LOW): The skill ingests data from external sources without explicit boundary markers, presenting a vulnerability surface.
  1. Ingestion points: Ingests upstream artifacts and user feature lists.
  2. Boundary markers: Absent.
  3. Capability inventory: Uses the Write tool to save files to the design/04-solution-scoping.md path.
  4. Sanitization: None present.
Audit Metadata