visionary
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted user visions and agent-generated briefs without explicit boundary markers or protective delimiters.
- Ingestion points: User-supplied product vision in Phase 2 prompts and agent-generated briefs in Phase 3 synthesis.
- Boundary markers: Absent; the prompt templates directly interpolate external content into agent instructions without delimiters or 'ignore' directives.
- Capability inventory: The skill orchestrates sub-agents via the /fleet command, invokes the @user-journey skill, and performs multiple file writes to the docs/ directory for briefs and EPIC documents.
- Sanitization: No input validation, escaping, or filtering of the user-provided vision or agent outputs is performed before they are used in downstream tasks.
Audit Metadata