implement
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): Indirect Prompt Injection vulnerability surface detected.
- Ingestion points: The skill reads
AGENTS.md,tasks/markdown files (PRDs), andtasks/memory.mdto guide its execution. - Boundary markers: There are no specific delimiters or instructions defined to isolate the content of these files from the agent's core instructions.
- Capability inventory: The skill has permissions to modify local source code, update documentation, and execute project-defined scripts for building, linting, and testing.
- Sanitization: Content read from external task and configuration files is not sanitized or validated for embedded malicious instructions before the agent acts upon it.
Audit Metadata