Skills
skills/featbit/featbit-release-decision-agent/intent-shaping/Gen Agent Trust Hub

intent-shaping

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill facilitates an indirect prompt injection surface by incorporating untrusted user input into state-persistence commands.
  • Ingestion points: User conversation input regarding business outcomes and tactics as described in SKILL.md.
  • Boundary markers: Absent; the instructions do not define delimiters or provide guidance to the agent to isolate user-supplied strings from command logic.
  • Capability inventory: The skill utilizes project-sync tool commands (update-state, set-stage, add-activity) to modify project state in a web database based on user-provided data.
  • Sanitization: Absent; there is no instruction to validate, escape, or sanitize user input before it is used as arguments in state update commands.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 7, 2026, 12:29 PM