derive
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted data from specification files to generate executable code artifacts, creating a surface for indirect prompt injection.
  - Ingestion points: Uses the Read tool to ingest content from SPEC-XXX.md files as described in the workflow.
  - Boundary markers: Relies on instructional Anti-Hallucination Rules to bound the output, but lacks technical delimiters or sanitization for input data.
  - Capability inventory: Possesses the capability to search (Grep/Glob) and create files (Write) such as .feature and .test.ts files.
  - Sanitization: No automated sanitization or validation of the input specification content is performed before the AI generates code from it, relying entirely on manual human review.
Audit Metadata