test-spec
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): This skill is vulnerable to indirect prompt injection because it processes external requirement documents which may contain malicious instructions.\n
- Ingestion points: Untrusted data enters the agent context through the reading of PBIs and user stories as specified in the workflow of SKILL.md.\n
- Boundary markers: The instructions in SKILL.md do not define boundary markers or delimiters to isolate untrusted requirements from the system instructions.\n
- Capability inventory: The skill is granted access to high-capability tools including Bash, Write, and Edit in the SKILL.md allowed-tools section.\n
- Sanitization: There is no evidence of input sanitization or verification to ensure the content of the requirements does not contain executable commands or prompt overrides.
Audit Metadata