requirements-analysis
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill defines a workflow that processes untrusted data from local requirement files, creating a surface for indirect prompt injection attacks.
- Ingestion points: The skill reads data from
requirements.mdfiles located in the.start/specs/directory as specified in SKILL.md. - Boundary markers: There are no explicit delimiters or instructions provided in the templates to differentiate between agent instructions and the untrusted content being processed.
- Capability inventory: The skill has permissions to read from and write to the local file system within the workspace directory.
- Sanitization: No mechanisms for sanitizing or validating the content of the requirements files are defined before processing.
- [NO_CODE]: The skill consists exclusively of markdown instructions and template files and does not include any executable code, scripts, or binary dependencies.
Audit Metadata