jobs-to-be-done
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains misleading metadata in the 'Instructions' and 'Error Handling' sections which reference API configurations and CLI tools unrelated to the framework's purpose. This boilerplate residue may confuse the agent during execution.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes untrusted data and suggests project modifications without safety boundaries.
  - Ingestion points: Project and documentation files are accessed using Read, Glob, and Grep tools.
  - Boundary markers: No delimiters or isolation instructions are present to protect the agent from embedded malicious content in processed files.
  - Capability inventory: The agent is instructed to apply code or configuration changes based on its findings.
  - Sanitization: No validation or escaping of external content is performed before generating output.