bmad-os-diataxis-style-fix

Pass

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection (Category 8) because it processes external Markdown files, which could contain malicious instructions.
    • Ingestion points: Documentation files or directories (defaulting to docs/) and the project style guide docs/_STYLE_GUIDE.md.
    • Boundary markers: Absent; the skill reads and processes the content of these files directly without delimiters or explicit 'ignore' instructions.
    • Capability inventory: The skill uses an 'Edit tool' to modify local files.
    • Sanitization: Absent; the skill performs regex-like pattern matching and replacements without sanitizing the input data.
    • Mitigation: The disable-model-invocation: true flag in the YAML frontmatter significantly reduces the risk of the agent's core reasoning being hijacked, as it likely uses a deterministic path for text transformation.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 22, 2026, 11:55 PM