blueprint-development
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill employs the
Bashtool to perform project discovery and state analysis. It uses commands such asfindandlsvia dynamic context injection (!) in theSKILL.mdfile to identify project configuration files (e.g.,package.json,pyproject.toml) and directory structures.- [COMMAND_EXECUTION]: The skill integrates with the GitHub CLI (gh) to manage project metadata and task tracking. It provides instructions for creating labels and references workflows for creating and linking GitHub issues to local work orders.- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes external data from requirements documents to generate the agent's behavioral rules and automated commands. - Ingestion points: Reads all markdown files located in the
docs/prds/directory. - Boundary markers: None identified; the skill directly extracts patterns and logic from the PRDs without specific delimiters or warnings to ignore embedded instructions.
- Capability inventory: The skill possesses the ability to write to the file system (
.claude/rules/,.claude/skills/), edit existing files, and execute shell commands viaBashandTodoWritetools. - Sanitization: No validation or sanitization mechanisms are described for the content extracted from PRDs before it is incorporated into generated rules or commands.- [SAFE]: The skill uses templates for rule generation and follows standard developer workflows for project initialization and Test-Driven Development (TDD).
Audit Metadata