roadmap-plan
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses local Node.js scripts to initialize the environment and validate roadmap structures. These executions are limited to specific internal paths and necessary for the skill's operations.
- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection as it ingests content from repository files.
- Ingestion points: The skill reads configuration, milestones, and change logs from the
.spec-driven/directory (SKILL.md, Step 1). - Boundary markers: No explicit delimiters are used to isolate ingested content from the agent's instructions.
- Capability inventory: The skill can execute internal scripts and write updates to the roadmap directory (SKILL.md).
- Sanitization: Content from files is processed without explicit sanitization, though this behavior is central to the skill's primary purpose.
Audit Metadata