prd
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions to bypass safety filters or override system prompts were found.
- [Data Exposure & Exfiltration] (SAFE): No evidence of hardcoded credentials or unauthorized network communication. The skill only writes to a local tasks/ directory.
- [Remote Code Execution] (SAFE): No remote scripts are downloaded or executed.
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted user input and external file content. 1. Ingestion points: User input for feature descriptions and tasks/planning-[feature].md. 2. Boundary markers: None present. 3. Capability inventory: Writing Markdown files to the tasks/ directory. 4. Sanitization: None present. The impact is limited as the output is a document for human or AI review, not code for immediate execution.
Audit Metadata