pdd
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill is entirely instructional and does not contain any functional scripts, executable commands, or sensitive data access. It defines a workflow rather than a technical capability.
- [Indirect Prompt Injection] (LOW): The skill instructs agents to read and follow directions within @todo comments in source code, which technically creates an ingestion surface for external data.
- Ingestion points: The agent is directed to read and parse @todo comments from arbitrary source code files.
- Boundary markers: None (the skill assumes the agent will treat the content of the comment as instructions).
- Capability inventory: No subprocess, file-write, or network capabilities are defined in this skill.
- Sanitization: None (the skill relies on the agent's base safety layers when interpreting codebase content).
Audit Metadata