story
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): The skill performs file operations (Read, Write, Edit, Glob) on local project directories such as
docs/andteam-artifacts/. There are no network tools authorized in the frontmatter, and no exfiltration patterns were detected. - [Indirect Prompt Injection] (LOW):
- Ingestion points: Reads Product Backlog Item (PBI) artifacts and documentation files.
- Boundary markers: The instructions do not define explicit delimiters for untrusted PBI content.
- Capability inventory: Can write and edit files in the
team-artifacts/directory. - Sanitization: No specific sanitization or escaping logic is defined for the external PBI data before it is processed into stories.
- [Remote Code Execution] (SAFE): No remote code execution patterns or external package dependencies were found.
- [Command Execution] (SAFE): No system-level command execution or shell access is requested; the toolset is limited to standard file system and search operations.
Audit Metadata