vsdd
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing and using well-known development and verification tools such as Stryker, mutmut, Semgrep, and fast-check from official package registries.
- [COMMAND_EXECUTION]: Provides instructions for executing standard development lifecycle commands such as npm install, npx stryker run, and cargo mutants to perform testing and static analysis.
- [PROMPT_INJECTION]: A potential surface for indirect prompt injection exists because the skill ingests user-provided specifications and code into sub-agent prompts for review. * Ingestion points: The vsdd/spec.md file and project source code files. * Boundary markers: Uses section headers like SPEC: in prompts but lacks explicit instructions to the sub-agent to ignore commands embedded within the data. * Capability inventory: Sub-agent output is used to gate transitions between development phases. * Sanitization: No sanitization or escaping of the ingested content is performed before interpolation into sub-agent prompts.
Audit Metadata