feature-launch-playbook
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is restricted to text generation and basic file system operations (writing markdown files). It does not perform network requests, access credentials, or execute arbitrary shell commands.
- [PROMPT_INJECTION]: The skill ingests untrusted feature specifications and product documentation as part of its intake process. This creates an indirect prompt injection surface where instructions hidden within these documents could potentially influence the generated marketing copy.
  - Ingestion points: Feature name, description, and product spec documentation provided during Phase 0 as described in SKILL.md.
  - Boundary markers: Absent; the skill does not explicitly use delimiters or instruction-ignore warnings when processing user-provided descriptions.
  - Capability inventory: The skill is capable of writing reasoning results to local markdown files in the clients/ directory as specified in Phase 4 of SKILL.md.
  - Sanitization: No validation or sanitization logic is implemented for the incoming feature specifications.
Audit Metadata