Skills
skills/laurigates/claude-plugins/blueprint-work-order/Gen Agent Trust Hub

blueprint-work-order

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests untrusted content from GitHub issues and local documentation files (PRPs and PRDs).
  • Ingestion points: Content is read from docs/prps/, docs/prds/, and the output of gh issue view.
  • Boundary markers: The instructions do not define delimiters or specific warnings to prevent the agent from following instructions embedded within the processed data.
  • Capability inventory: The agent has access to Bash (executing CLI tools), Write (modifying local files), and Read tools.
  • Sanitization: There is no evidence of sanitization or filtering for the data extracted from issues or documentation before it is interpolated into new work-orders or used in further command execution.
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to perform several operations using local command-line interfaces.
  • Executes gh CLI commands to interact with GitHub issues, including viewing, creating, commenting on, and labeling issues.
  • Executes git status and git log to analyze the current state of the repository.
  • Uses jq to dynamically modify local JSON tracking files (feature-tracker.json and manifest.json).
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 07:25 PM