gsd-2-agent-framework
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The framework is designed to execute shell commands specified in task plans (e.g., npm test, npx tsc, curl) to verify the completion of software development tasks. This functionality is the primary purpose of the autonomous agent framework.
- [EXTERNAL_DOWNLOADS]: The skill involves the installation of the gsd-pi package from the NPM registry, which serves as the core CLI tool for the framework.
- [PROMPT_INJECTION]: The framework ingests and processes project specifications that influence the behavior of the autonomous agent.
- Ingestion points: Reads project requirements and vertical slice definitions from ROADMAP.md and PROJECT.md files (SKILL.md).
- Boundary markers: Implements a phased state machine (Research, Plan, Execute, Complete, Reassess) to partition the agent's context and workflow.
- Capability inventory: Provides capabilities for file system access, automated Git commits/merges, and arbitrary shell command execution for verification.
- Sanitization: The framework relies on a structured meta-prompting system and checkable 'must-have' criteria to guide the LLM's output.
Audit Metadata