sdd-tasks

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE

PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Potential for indirect prompt injection via the ingestion of project artifacts.
    - Ingestion points: The skill reads content from 'proposal', 'spec', and 'design' using memory retrieval tools (mem_get_observation) and reads from .atl/skill-registry.md in the project root as seen in SKILL.md.
    - Boundary markers: The skill does not implement delimiters or safety instructions to distinguish between its own system-level instructions and data found in user-provided documentation.
    - Capability inventory: The skill has the capability to write to the agent's memory via mem_save and write to the local filesystem (creating tasks.md), influencing implementation steps for future tasks.
    - Sanitization: External content is not sanitized or validated before being used to generate the task list, which could allow a malicious design document to influence generated tasks.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 16, 2026, 01:24 PM