Skills
skills/buildbetter-app/bb-skills/bb-plan/Gen Agent Trust Hub

bb-plan

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests and processes untrusted data from project files.
  • Ingestion points: Reads FEATURE_SPEC, user-stories.md, and BuildBetter context artifacts (SKILL.md).
  • Boundary markers: No explicit delimiters or instructions are used to distinguish instructions from the content of ingested files.
  • Capability inventory: The skill generates and writes multiple documentation files (research.md, data-model.md, contracts/, quickstart.md) and modifies agent-specific context files.
  • Sanitization: No evidence of sanitization or content validation for ingested external data was found. This risk is inherent to tools processing requirements and documentation, and given the outputs are limited to markdown artifacts, the impact is low.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 7, 2026, 04:22 PM