sc-design
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM (PROMPT_INJECTION)
Full Analysis
- Indirect Prompt Injection (MEDIUM): The skill defines a workflow that ingests external content to influence file-system modifications.
  - Ingestion points: Uses 'Read' tool for requirement analysis of potentially untrusted project files.
  - Boundary markers: Lacks instructions to ignore embedded commands within the 'target' or 'requirements' data.
  - Capability inventory: Employs 'Write' and 'TodoWrite' tools which can modify the local workspace.
  - Sanitization: No validation or sanitization of input data is specified before processing.
Audit Metadata