gsd-to-autoforge-spec
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill reads data from local markdown files and package.json to synthesize a new project specification, which could allow malicious instructions in those source files to influence the downstream AutoForge agent.
  - Ingestion points: Documents located in the .planning/codebase/ directory and the package.json file.
  - Boundary markers: Absent; the skill does not use specific delimiters or instructions to ignore embedded commands when processing external content into the generated spec.
  - Capability inventory: The skill performs basic file system operations including directory creation (mkdir), file reading (cat), and file writing (cat >).
  - Sanitization: Absent; no explicit sanitization, escaping, or validation of the input content is performed before interpolation into the generated output file.
Audit Metadata