
backlog

Pass

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: SAFE
Finding category: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION] (LOW): The groom.sh script is susceptible to indirect prompt injection because it parses untrusted data from backlog files to perform filesystem operations.
  • Ingestion points: groom.sh processes all .md files in the backlog/ directory and backlog/ROADMAP.md.
  • Boundary markers: No delimiters or warnings are used to prevent the script from processing maliciously crafted content as legitimate instructions.
  • Capability inventory: The script executes git log and git branch and performs filesystem existence checks ([[ -e "$filepath" ]]). This enables an attacker to confirm whether specific files exist on the host by placing those paths in the 'Files to create' section of a backlog file.
  • Sanitization: There is no validation or sanitization of the file paths or keywords extracted from the backlog files before they are used in commands.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 23, 2026, 07:31 AM