Skills
skills/ctsstc/get-shit-done-skills/gsd-research-synthesizer/Gen Agent Trust Hub

gsd-research-synthesizer

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Detected an indirect prompt injection vulnerability surface where the skill ingests untrusted data from multiple research files.
  • Ingestion points: .planning/research/STACK.md, .planning/research/FEATURES.md, .planning/research/ARCHITECTURE.md, and .planning/research/PITFALLS.md.
  • Boundary markers: Absent.
  • Capability inventory: Read, Write, and Bash (cat, git).
  • Sanitization: Absent.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to perform legitimate development operations, including reading files via cat and versioning research documentation using git add and git commit. These operations are appropriately scoped to the local project directory.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 12:50 PM