feature-forge
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted input to generate specifications, which could be exploited to influence the agent's output format or content.
  - Ingestion points: User input during discovery and interview workflow steps defined in SKILL.md.
  - Boundary markers: None identified in the provided instructions.
  - Capability inventory: Local file-write capability to create markdown files in the 'specs/' directory.
  - Sanitization: No explicit validation or escaping of stakeholder input is specified.
Audit Metadata