skills/khaki4/my_skills/bf-spec/Gen Agent Trust Hub

bf-spec

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a vulnerability to indirect prompt injection through the processing of untrusted user input.
      • Ingestion points: Untrusted data enters the agent's context through the AC (Acceptance Criteria) document or change request content provided by the user in Step 1.
      • Boundary markers: The skill lacks delimiters or explicit instructions to ignore embedded commands within the ingested AC content when generating the Tech Spec or conventions file.
      • Capability inventory: The agent possesses the capability to perform deep codebase analysis (file reads), write new files to the docs/ directory, and execute the Task tool to spawn a secondary bf-lead-review agent.
      • Sanitization: There is no evidence of sanitization, validation, or escaping of the external input before it is interpolated into the Tech Spec template or passed to the review agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 09:36 AM