task-breakdown
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted external data in the form of architecture documents and feature specifications which may contain embedded instructions.
- Ingestion points: SKILL.md specifies inputs as '[spec or architecture to decompose]', including architecture documents, feature specs, and problem descriptions.
- Boundary markers: No specific boundary markers or 'ignore embedded instructions' warnings are present to delineate user-provided data from system instructions.
- Capability inventory: Across all files, the only capability identified is writing output to '.agents/tasks.md'. The skill lacks network access, shell command execution, or sensitive file system operations.
- Sanitization: There is no evidence of input sanitization or validation for the content of the provided specifications.
Audit Metadata