Skills
skills/gentleman-programming/agent-teams-lite/sdd-propose/Gen Agent Trust Hub

sdd-propose

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted input from exploration analysis and user descriptions, which are used to generate the change proposal. This data is interpolated into the document without sanitization or the use of boundary markers, creating a potential surface for indirect prompt injection.\n
  • Ingestion points: SKILL.md (reads exploration content via mem_get_observation and takes direct user input).\n
  • Boundary markers: Absent (uses direct markdown interpolation).\n
  • Capability inventory: Filesystem writes to the openspec/ directory and memory updates via mem_save calls as described in SKILL.md.\n
  • Sanitization: None identified for processed inputs.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 16, 2026, 01:48 PM