prd

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to include 'npm run typecheck' in the acceptance criteria for generated user stories. This is a standard and low-risk command used for code verification.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it interpolates user-provided feature descriptions into documents without explicit sanitization or boundary markers.
  • Ingestion points: User-provided feature descriptions (SKILL.md).
  • Boundary markers: None present in the interpolation logic.
  • Capability inventory: Subprocess execution via 'npm run typecheck' and file-write access to the '/tasks/' directory.
  • Sanitization: No sanitization or escaping of user content is performed.
  • [SAFE]: No malicious patterns or security vulnerabilities were detected in the skill's operational logic.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 6, 2026, 05:28 PM