developer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted external data from project files which can lead to indirect prompt injection.
- Ingestion points: SPEC.md, DESIGN.md, CONTEXT.md, and manifest files like package.json.
- Boundary markers: Absent; the agent is told to follow these files accurately without safety delimiters.
- Capability inventory: Includes file reading, file writing, and technical autonomy in code execution.
- Sanitization: Absent; no verification of the source or content of the documentation is required before implementation.
- [NO_CODE] (SAFE): This skill contains only instructional markdown and no executable scripts, reducing the direct attack surface.
Audit Metadata