requirements
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection. * Ingestion points: The skill reads project context from an external file named docs/vision.md. * Boundary markers: There are no instructions or delimiters provided to the agent to prevent it from executing commands that might be embedded in the vision document. * Capability inventory: The skill allows the agent to write to the file system (docs/requirements.md) and use the TodoWrite tool based on processed input. * Sanitization: The skill lacks any mechanism to validate or sanitize the content ingested from the vision document before it is used to generate new documentation.
Audit Metadata