aif-roadmap
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill features a 'skill-context' mechanism that prioritizes instructions found in local project files (`.ai-factory/skill-context/aif-roadmap/SKILL.md`) over the default rules. This allows project-specific overrides of the agent's planning logic.
  - Ingestion points: Project context is ingested from `.ai-factory/skill-context/aif-roadmap/SKILL.md`, `.ai-factory/DESCRIPTION.md`, and `.ai-factory/ARCHITECTURE.md`.
  - Boundary markers: There are no explicit delimiters or sanitization protocols mentioned for the content of these local context files.
  - Capability inventory: The skill is authorized to use `Write`, `Edit`, and `Bash(git *)` tools, enabling it to modify the project roadmap based on the ingested context.
  - Sanitization: The skill does not perform explicit validation of the contents within the project-level context files, relying on the integrity of the project's own `.ai-factory` directory.
- [COMMAND_EXECUTION]: The skill uses `Bash(git *)` to explore the project history and verify completed milestones. This execution is limited to git subcommands (e.g., `git log`), which is a low-risk operation for state verification.
Audit Metadata