dev-specs
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its data ingestion pipeline.
- Ingestion points: The skill reads business requirements and use cases from 'plans/brd/use-cases/{feature}/*.md' and technical context from 'plans/brd/tech-context.md'.
- Boundary markers: The instructions do not define boundary markers or 'ignore' directives to prevent the agent from following instructions contained within the requirements files.
- Capability inventory: The skill has the capability to write files to the local filesystem using the 'Write' tool.
- Sanitization: There is no evidence of sanitization or validation logic applied to the content read from the source documents before it is processed or written to output files.
Audit Metadata