blueprint-claude-md
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
PROMPT_INJECTION
COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exposes a potential indirect prompt injection surface by processing untrusted data from project documentation.
  - Ingestion points: The agent reads files from 'docs/prds/*.md' and general project files to gather context (SKILL.md, Step 3).
  - Boundary markers: Absent. There are no instructions for the agent to use delimiters or ignore embedded instructions within the source files.
  - Capability inventory: The agent has 'Write', 'Edit', and 'Bash' tools, which could be leveraged if it follows malicious instructions found in documentation.
  - Sanitization: Absent. Content from the PRDs is interpolated into the generated 'CLAUDE.md' without filtering.
- [COMMAND_EXECUTION]: The skill utilizes a shell command for manifest management.
  - Evidence: Uses a 'bash' command with 'jq' to update 'docs/blueprint/manifest.json' (SKILL.md, Step 10).
  - Context: The execution is used for administrative tasks such as updating timestamps and run counters, which is appropriate for the skill's functionality.
Audit Metadata