refine-review
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE, PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection surface detected. The skill is designed to analyze external PBI artifacts which may contain instructions intended to influence the agent's behavior.
  - Ingestion points: PBI artifacts located in `team-artifacts/pbis/` (referenced in SKILL.md).
  - Boundary markers: Absent; the skill does not define specific delimiters or instructions to ignore embedded commands within the ingested PBI content.
  - Capability inventory: The skill utilizes `TaskCreate` for task management and has the ability to read project files and write reports to `plans/reports/`.
  - Sanitization: Absent; there is no mention of sanitization, escaping, or validation of the content processed from external artifacts.
- [NO_CODE]: The skill consists exclusively of markdown-based instructions and workflows; it does not include executable scripts, binaries, or automated code logic.
Audit Metadata