fusion-issue-author-feature
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized network operations were identified in the skill files.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection due to the interpolation of user-provided feature descriptions and requirements into Markdown drafts. Ingestion points: User inputs for feature intent, scope, and success criteria defined in SKILL.md. Boundary markers: No explicit delimiters or boundary instructions are present in the asset templates. Capability inventory: The skill can write files to the local .tmp/ directory. Sanitization: No input validation or sanitization is mentioned. However, the risk is mitigated by the design which requires an orchestrator to review the draft and perform the final publication.
- [COMMAND_EXECUTION]: The skill instructions include drafting files to a local .tmp/ directory, which is a standard operation for document authoring tools and does not involve elevated privileges or dangerous system commands.
Audit Metadata