feature-forge
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
PROMPT_INJECTION
NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted user requirements and codebase content to generate documentation and drive sub-tasks. Evidence includes: 1. Ingestion points: user input captured via the AskUserQuestions tool and technical context retrieved from the codebase using the Explore subagent. 2. Boundary markers: there are no explicit delimiters or instructions to ignore embedded commands within the specification templates or subagent task definitions. 3. Capability inventory: the agent is authorized to spawn task-specific subagents and write files to the local specs/ directory. 4. Sanitization: no sanitization or validation is applied to user-provided data before it is used in documentation or to construct file paths, which could lead to path traversal if the feature name is manipulated.
- [NO_CODE]: The skill consists entirely of markdown-based instructions and reference materials, with no executable scripts, binaries, or external code dependencies included in the skill package.
Audit Metadata