sprint-plan

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a shell command (ls) within the YAML frontmatter's context field to retrieve a list of existing sprint files from the production/sprints/ directory.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its reliance on external data sources for generating sprint plans.
    • Ingestion points: Reads content from production/milestones/, production/sprints/, design/gdd/, and production/risk-register/.
    • Boundary markers: The instructions do not define delimiters or provide 'ignore embedded instructions' warnings for the data ingested from these files.
    • Capability inventory: The skill is granted Write and Edit tools, meaning an attacker who can modify design docs or risk registers could potentially trick the agent into performing unauthorized file modifications.
    • Sanitization: No input validation or filtering is performed on the content retrieved from the file system before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 11:06 PM