Skills
skills/khazp/vibe-coding-prompt-template/vibe-agents/Gen Agent Trust Hub

vibe-agents

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted data from local project documentation to generate new configuration files, creating a surface for indirect prompt injection.
  • Ingestion points: Extracts context from docs/PRD-*.md and docs/TechDesign-*.md.
  • Boundary markers: None present; the skill lacks delimiters or instructions to ignore commands within the source text.
  • Capability inventory: Uses the Write tool to create several files including AGENTS.md and tool-specific configurations.
  • Sanitization: None present; content from the documentation is interpolated directly into templates without validation.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 6, 2026, 02:31 AM