spec-test
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection (Category 8) because it is instructed to read and process documentation files that may be influenced by external or untrusted sources.
- Ingestion points: The skill reads multiple files including
exploration-report.md,plan.md, andsummary.mdto inform its testing tasks. - Boundary markers: No specific delimiters or "ignore previous instructions" warnings are provided to prevent the agent from obeying instructions embedded within these files.
- Capability inventory: The skill can write markdown files (
test-plan.md,test-report.md) and send internal messages to other roles (TeamLead,spec-writer,spec-debugger). It lacks more dangerous capabilities like arbitrary command execution or network access. - Sanitization: The instructions do not include steps to sanitize or validate data extracted from the ingested files.
Audit Metadata