methodology
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references a methodology YAML schema hosted on the official Anthropics GitHub repository, which is a trusted source.
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by ingesting and interpreting instructions from project-specific configuration files.
- Ingestion points: The agent reads custom instructions from the `guidance.prompt` field within `.standards/methodologies/*.methodology.yaml` files.
- Boundary markers: No explicit boundary markers or 'ignore' instructions are used when interpolating these custom prompts into the active agent session.
- Capability inventory: The skill is granted `Read` and `Write` permissions via the `allowed-tools` configuration, enabling it to modify project files and source code based on instructions from these methodology files.
- Sanitization: There is no evidence of validation or sanitization of the content provided in the custom methodology prompts.
Audit Metadata