blueprint-research
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill interpolates user-supplied data such as
feature_descriptionandtech_stackdirectly into the prompts for sub-agents. This creates a surface for indirect prompt injection where malicious input could influence the behavior of the research agents. - Ingestion points: Inputs
feature_descriptionandtech_stackare defined inSKILL.mdand used across various tasks. - Boundary markers: The skill does not employ explicit delimiters or instructions to ignore embedded commands within the interpolated variables.
- Capability inventory: The skill spawns multiple sub-agents (e.g.,
git-researcher,docs-researcher) and dynamically injects skills from thecoding_stylesarray. - Sanitization: No sanitization or validation of the input strings is performed before interpolation.
- [COMMAND_EXECUTION]: The skill utilizes internal vendor-defined agents (
majestic-engineer:*) to perform repository analysis and git-related research. These operations are scoped to the project environment and are consistent with the skill's stated purpose. - [EXTERNAL_DOWNLOADS]: The workflow includes a conditional external research phase where agents like
docs-researchermay access network resources to retrieve technical documentation. These operations are handled by internal vendor sub-agents.
Audit Metadata