atelier-spec-beads
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the 'bd' (Beads) CLI tool and 'jq' for task management, dependency tracking, and data processing. All commands are executed locally within the project context.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface as it ingests technical designs and change documents to automatically create implementation plans and Beads tasks. • Ingestion points: Documentation located in 'docs/spec//spec.md' and design files. • Boundary markers: No explicit delimiters or instructions are used to distinguish documentation content from agent instructions. • Capability inventory: The skill has the ability to execute CLI commands, modify the local task database, and update task statuses. • Sanitization: Technical documentation content is processed and interpolated into task creation commands without evidence of validation or escaping.
Audit Metadata