tasks-feature-implementation
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill uses emphatic language to direct agent behavior and reading of internal protocols. It also possesses an indirect prompt injection surface as it is instructed to ingest data from external files such as 'project-structure-reference.md' and general codebase files.
- Ingestion points: Reads project documentation and performs broad codebase searches via grep.
- Boundary markers: Lacks explicit delimiters or instructions to ignore embedded commands within ingested files.
- Capability inventory: Accessible tools include Bash, Write, and Edit, enabling substantial project modifications.
- Sanitization: No evidence of content filtering or validation for external documentation before processing.
- [COMMAND_EXECUTION]: The workflow incorporates the Bash tool for investigative tasks and persistence layer operations like Entity Framework migrations. While these are documented as standard development tasks, they provide the agent with broad execution capabilities on the host system.
Audit Metadata