sprint-workflow
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill documents a procedural workflow and does not contain malicious code, hidden instructions, or unauthorized data access patterns.
- [PROMPT_INJECTION]: The skill describes an indirect prompt injection surface where user-provided specifications in .claude/sprint/[N]/specs.md drive agent actions. The evidence chain includes: Ingestion point at .claude/sprint/[N]/specs.md; Boundary markers: None specified in the instructions; Capability inventory: Implementation agents (python-dev, nextjs-dev) modify source files and testing agents (qa-test-agent) execute system commands; Sanitization: No input validation or filtering is mentioned. This surface is inherent to the tool's function and is managed by defined workflow constraints such as iteration limits and manual intervention checkpoints.
- [DATA_EXFILTRATION]: The skill references file operations within the project's .claude configuration directory. These actions are restricted to maintaining sprint state and project context, with no patterns of unauthorized network requests or credential access identified.
Audit Metadata