Skills
skills/github/awesome-copilot/create-technical-spike/Gen Agent Trust Hub

create-technical-spike

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious patterns, obfuscation, or persistence mechanisms were detected in the skill instructions or template.
  • [EXTERNAL_DOWNLOADS]: The skill uses search and fetch tools to gather information from external technical documentation and repositories.
  • [COMMAND_EXECUTION]: The skill workflow includes using the runTasks tool to execute prototypes and experiments during the technical validation phase.
  • [PROMPT_INJECTION]: The skill identifies a potential surface for indirect prompt injection. Ingestion points: user-provided spike details and external research data from search and fetch tools. Boundary markers: the template does not use specific delimiters to isolate external research content from agent instructions. Capability inventory: runTasks, editFiles, and vscodeAPI tools are used for research and implementation. Sanitization: no explicit validation or sanitization of external research data is defined in the workflow.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 25, 2026, 05:26 AM