bf-lead-plan
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it analyzes untrusted content from technical specification documents.
- Ingestion points: Reads tech-spec files and conventions from the
docs/directory. - Boundary markers: Absent; the skill does not use delimiters to isolate content from instructions.
- Capability inventory: Includes local file read/write access and the ability to spawn sub-agents (Creator agents).
- Sanitization: The skill does not perform any validation or sanitization on the technical specifications before processing.
Audit Metadata