requirement-analyst
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill's instructions are focused on structured requirement gathering and documentation management. All operations are confined to the local filesystem within the 'docs/' directory.
- [NO_CODE]: This skill contains no executable code, scripts, or binaries. It relies entirely on natural language instructions for the AI agent.
- [DATA_EXPOSURE]: While the skill reads project roadmap and todo files, these are standard project documentation. There is no access to sensitive system configuration files (~/.ssh, ~/.aws) or credentials.
- [INDIRECT_PROMPT_INJECTION]:
- Ingestion points: Processes untrusted user input describing new feature requests.
- Boundary markers: Absent; the skill does not define specific delimiters for user-provided requirements.
- Capability inventory: Reads and updates local Markdown files (
docs/plan/*.md). - Sanitization: None specified. However, the risk is minimal as the output is restricted to task list updates in Markdown format, which does not trigger code execution.
Audit Metadata