shapeup
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill acts as a process facilitator, guiding users through the collaborative phases of the Shape Up methodology. It manages artifacts such as pitches, shaping documents, and task lists within a local directory structure. All operations are consistent with the skill's stated purpose as a project management facilitator.
- [PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection: it ingests untrusted user content (pitches and problem statements), which is then used as input for subsequent orchestration commands.
  - Ingestion points: User-provided text for 'Problem' and 'External Pitch' is collected during the Framing stage in SKILL.md.
  - Boundary markers: Absent; user input is passed to the orchestrator commands (/frame-coach, /shape, etc.) without explicit delimiters or instructions to ignore embedded directives.
  - Capability inventory: The skill orchestrates multiple internal commands (/frame-coach, /shape, /plan, /breakdown, /hillchart) that process the user data.
  - Sanitization: No input validation or sanitization is performed on the user-provided text before processing.
Audit Metadata