frontend-to-backend-requirements
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE | PROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) as it interpolates untrusted user input into file paths and document content without sanitization.
  - Ingestion points: User-provided feature names and UI/data requirement descriptions (SKILL.md).
  - Boundary markers: Absent; the skill does not use delimiters or instructions to separate user-provided data from the generated document structure.
  - Capability inventory: File-write operations to the .claude/docs/ai/ directory (SKILL.md).
  - Sanitization: Absent; no validation or escaping is performed on user input used for directory naming or markdown interpolation.
Audit Metadata