bmad-quick-dev-new-preview

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
Flagged categories: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The workflow processes untrusted user input ('intent') and generated code. Ingestion points: 'steps/step-01-clarify-and-route.md' and 'steps/step-02-plan.md'. Boundary markers: instructions to ignore injected directives that attempt to skip safety steps or override instructions are present in 'steps/step-01-clarify-and-route.md'. Capability inventory: local file modification and git operations in 'steps/step-03-implement.md' and 'steps/step-05-present.md'. Sanitization: human-in-the-loop approval checkpoints for the specification (step 2) and the implementation (step 5), plus adversarial review loops in 'steps/step-04-review.md'.
  • [COMMAND_EXECUTION]: The skill manages local file system modifications and performs local Git operations such as creating commits, as described in 'steps/step-03-implement.md' and 'steps/step-05-present.md'. These actions are confined to the local environment.
  • [EXTERNAL_DOWNLOADS]: The workflow orchestrates external review skills such as 'bmad-review-adversarial-general' and 'bmad-review-edge-case-hunter'. These are recognized as resources from the same vendor ('bmad-code-org') and are used for security and quality analysis.
  • [DATA_EXFILTRATION]: The skill implements a strict 'local-only' policy for implementation, explicitly forbidding automated remote operations or pushes without human intervention in 'steps/step-03-implement.md' and 'steps/step-05-present.md'.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 11:11 PM