Skills
skills/github/awesome-copilot/breakdown-epic-arch/Gen Agent Trust Hub

breakdown-epic-arch

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the 'Epic PRD' input field, which could allow malicious instructions within the PRD to override the agent's behavior.
  • Ingestion points: The skill ingests the full content of an Epic PRD markdown file within the SKILL.md template.
  • Boundary markers: There are no explicit delimiters or instructions provided to the LLM to ignore any instructions embedded within the PRD content.
  • Capability inventory: The skill has the capability to write files to the filesystem, specifically creating an architecture document at '/docs/ways-of-work/plan/{epic-name}/arch.md'.
  • Sanitization: No validation or sanitization of the input PRD content is implemented.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 25, 2026, 05:25 AM