breakdown
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill functions as a documentation and task generation template. It does not perform automated code execution or network requests to external domains.
- [PROMPT_INJECTION]: The skill processes external project plans to generate markdown files, creating a surface for indirect prompt injection. However, the risk is mitigated as the output is intended for human developer review and manual execution.
- Ingestion points: Reads a project "Plan" document referenced by the user in the /breakdown command.
- Boundary markers: Content from the Plan is processed without explicit delimiters or instructions to ignore embedded commands.
- Capability inventory: The agent creates and populates markdown files in the local repository structure (projects/ directory).
- Sanitization: There is no explicit sanitization or validation of the data ingested from the Plan document before it is interpolated into task files and Jira templates.
Audit Metadata