refining-android-requirements
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill is entirely composed of markdown-based instructions for analyzing software requirements. It does not contain any executable scripts, binary files, subprocess calls, or network-enabled commands.
- [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it ingests untrusted data from project management tools like Jira and Confluence (Step 1) without explicit boundary markers or sanitization. However, because the skill's capabilities are limited to generating structured markdown documentation and it has no access to sensitive files or external network endpoints, the risk is assessed as safe within its intended context.
Audit Metadata