teams-driven-development
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION] (SAFE): No attempts to override system constraints or bypass safety filters were detected. The use of instructional emphasis (e.g., 'CRITICAL') is appropriate for the context of defining worker behavior.
- [DATA_EXFILTRATION] (SAFE): No hardcoded credentials, sensitive file paths, or network operations are present in any of the templates.
- [REMOTE_CODE_EXECUTION] (SAFE): The skill contains no executable scripts, package manifests (package.json, requirements.txt), or remote download commands.
- [NO_CODE] (SAFE): The provided files are purely markdown prompt templates with no logic that could be executed directly by the operating system.
- [PROMPT_INJECTION] (SAFE): Analysis of Category 8 (Indirect Prompt Injection) surfaces:
  1. Ingestion points: spec-reviewer-prompt.md accepts implementation reports and code.
  2. Boundary markers: Markdown headers serve as delimiters.
  3. Capability inventory: No scripts or network calls are invoked by these templates.
  4. Sanitization: While no technical sanitization is present, the prompt logic mandates human-like skepticism of input, which is the primary defense in this context.
Audit Metadata