backlog-to-rules

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by instructing the agent to ingest and implement rules from an external source without verification.
      • Ingestion points: The agent reads from .cursor/data/improvements-backlog.md to find improvements (identified in SKILL.md Phase 1).
      • Boundary markers: The skill uses structured templates in references/templates.md for the output, but does not specify delimiters or 'ignore' instructions for the content being processed from the backlog.
      • Capability inventory: The process involves reading and writing to sensitive configuration files within the .cursor/rules/ directory, which define the agent's operational boundaries.
      • Sanitization: There is no step in the 7-phase process or the templates that suggests sanitizing, escaping, or validating the text from the backlog before it is promoted to a system-level rule.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 03:04 AM