sdd-archive

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE

PROMPT_INJECTION

Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it processes and merges untrusted data from delta specifications into the project's primary documentation (Source of Truth).
  • Ingestion points: The agent reads delta specifications from the openspec/changes/{change-name}/specs/ directory and retrieves content via the mem_get_observation tool (SKILL.md).
  • Boundary markers: There are no explicit delimiters or specific instructions to the agent to treat the ingested documentation as untrusted data during the merge process.
  • Capability inventory: The skill possesses the ability to move folders, write to the filesystem (openspec/specs/), and update persistent project memory via mem_save (SKILL.md).
  • Sanitization: The skill does not implement any content validation or sanitization routines before interpolating the delta content into the main specification files.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 16, 2026, 01:19 PM