document
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends the installation and invocation of external plugins from Vercel Labs and Supabase GitHub repositories to provide best practices for React and PostgreSQL documentation.
- [PROMPT_INJECTION]: The skill reads data from external files such as task documents (docs/task/*.md) and test reports (docs/testing/*.md). These files serve as an indirect prompt injection surface, as their contents are used to generate documentation and determine control flow (e.g., automation triggers) without explicit sanitization or boundary enforcement described in the instructions.
  - Ingestion points: Reads from docs/task/{ID}-{task-name}.md and docs/testing/{ID}-{task-name}.md.
  - Boundary markers: None identified; data is directly read for context.
  - Capability inventory: File creation/modification (documentation), reading project files, and spawning sub-agents via the Task tool.
  - Sanitization: No explicit validation or filtering of the ingested content is documented.
- [COMMAND_EXECUTION]: The skill features an 'Auto Mode' that dynamically spawns a secondary agent using the Task tool. It constructs a prompt (/ship {ID}) based on input task metadata to invoke the next stage of the development workflow.
Audit Metadata