skills/io-q/myskills/sdd-engineering/Gen Agent Trust Hub

sdd-engineering

Fail

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: CRITICAL
Findings: COMMAND_EXECUTION, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates the generation and execution of software tests (using frameworks like Jest or PyTest) during the 'Harnessing' and 'Execution' phases. This involves running code created at runtime based on user specifications, which is a standard but sensitive operation for an engineering-focused skill.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by ingesting raw user intent and converting it into a 'Law' (requirements document) that guides all subsequent agent actions and code generation.
  • Ingestion points: File SKILL.md (Phase 1: Legislation) describes ingesting raw user intent to generate specification documents.
  • Boundary markers: While the skill requires a <thinking> block for analysis, it lacks explicit delimiters or sanitization logic to separate untrusted user-provided content from the agent's system instructions.
  • Capability inventory: The skill provides the agent with broad capabilities to write files, implement application logic, and execute verification scripts.
  • Sanitization: No mechanisms for sanitizing or validating user-provided input are described before that input influences the engineering lifecycle.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
  • Risk Level: CRITICAL
  • Analyzed: Feb 25, 2026, 04:07 AM