brownfield-adoption
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands including mkdir and iteration-loop to manage the context directory and execute the specification generation process. These tools are used as intended for project setup and automation within the local environment.
- [PROMPT_INJECTION]: The skill involves an indirect prompt injection surface (Category 8) because it analyzes untrusted data from an existing codebase to generate specifications. Ingestion points: The agent is instructed to read the src directory to discover functional domains and generate kits. Boundary markers: The bootstrap prompt does not explicitly define delimiters to isolate codebase content from the agent instructions. Capability inventory: The skill utilizes subprocess calls via iteration-loop and performs file-write operations within the context directory. Sanitization: There is no explicit sanitization or escaping of the ingested code content before it is processed by the agent.
Audit Metadata