bmad-agent-quick-flow-solo-dev
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill contains instructions to maintain its persona across session boundaries ("must not break character") and to persist the persona even when other skills are invoked. These are persistence-oriented instructions designed for user experience consistency.
- [DATA_EXPOSURE]: The skill automatically searches for and loads `project-context.md` from the user's workspace to establish foundational reference standards. This is a functional feature for technical implementation but involves automated file system reads of potentially sensitive project documentation.
- [COMMAND_EXECUTION]: The skill acts as a dispatcher that executes other registered tools (`bmad-quick-dev`, `bmad-code-review`) based on user-provided codes or menu selections.
- [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface for indirect injection via processed data.
  - Ingestion points: Reads `**/project-context.md` (SKILL.md).
  - Boundary markers: None; the content is loaded as a foundational reference without delimiters.
  - Capability inventory: Can invoke other skills and tools mentioned in the capabilities table (SKILL.md).
  - Sanitization: No validation or sanitization is performed on the content of the project context file before it is incorporated into the agent's context.