NYC

business-feature-docs

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface. The skill reads external data (source code and existing documentation) which could potentially contain malicious instructions designed to influence the agent's behavior during the generation phase.
      • Ingestion points: Files located in src/Backend/, docs/features/, and .claude/skills/shared/.
      • Boundary markers: None specified in the instructions to delimit user-provided data from system instructions.
      • Capability inventory: The skill has access to Read, Write, Edit, Bash, Grep, Glob, Task, and TodoWrite tools.
      • Sanitization: No evidence of sanitization or filtering of the content read from files before it is processed by the agent.
  • [COMMAND_EXECUTION] (LOW): The skill is granted access to the Bash tool to perform codebase analysis and documentation tasks. While the provided instructions are benign (searching for entities and commands), the presence of shell access is a capability that should be monitored for unexpected command construction.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:17 PM