estimate

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes data from multiple sources that could contain malicious instructions.
      • Ingestion points: Reads the user-provided task-description, CLAUDE.md, design documents in design/gdd/, historical sprint data in production/sprints/, and source code files from the project.
      • Boundary markers: The instructions do not specify any delimiters or warnings to ignore embedded instructions within the ingested files, which may lead the agent to follow directions found in project documentation or comments.
      • Capability inventory: Uses the Read, Glob, and Grep tools to access and search project files.
      • Sanitization: No validation or filtering is performed on the content of the read files before they are processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 8, 2026, 06:28 PM