Skills
skills/lidessen/skills/reframe/Gen Agent Trust Hub

reframe

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes user-generated markdown documents within the concepts/ directory to manage design state and generate retrospectives. This creates a surface for indirect prompt injection where malicious instructions in those files could influence agent behavior.\n
  • Ingestion points: The skill reads concepts/*.md files in both the main workflow and the /reframe close command (Step 2).\n
  • Boundary markers: Content from concept documents is read into the context without explicit boundary markers or instructions to ignore embedded instructions.\n
  • Capability inventory: The skill directs the agent to read, write, and move files, and to perform git commits.\n
  • Sanitization: No sanitization or validation is performed on the ingested markdown content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 10, 2026, 07:48 AM