blueprint-upgrade
Warn
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses Bash commands such as
mv,rm -rf, andjqto modify project directories and JSON manifests. While intended for upgrades, these operations perform destructive actions like removing the.claude/blueprints/directory. - [COMMAND_EXECUTION]: The skill implements dynamic logic execution by loading and following instructions from external markdown files (e.g.,
migrations/v2.x-to-v3.0.md) provided by a separate skill (blueprint-migration), creating a dependency on external instruction content. - [PROMPT_INJECTION]: An indirect prompt injection surface exists as the skill processes instructions from external migration documents and metadata from project manifests without sanitization. Ingestion points:
manifest.jsonand external migration files. Boundary markers: None present. Capability inventory: Bash execution and file writing. Sanitization: None identified for instructions read from secondary files.
Audit Metadata