requirement-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface detected.
- Ingestion points: The skill is designed to parse and analyze raw requirements from external sources such as 'Stakeholder interviews' and 'Existing documentation' (Analysis Process Step 1 and 2).
- Boundary markers: There are no explicit delimiters or instructions provided to the agent to distinguish between its own logic and the potentially adversarial content embedded in the ingested requirements.
- Capability inventory: The skill includes instructions to write structured data to the local file system at a specific path ('.work/requirements/').
- Sanitization: No input validation or content filtering mechanisms are defined to sanitize untrusted input before it is processed or used to generate documentation files.
- [NO_CODE]: The skill does not contain any executable scripts (Python, JavaScript, etc.) or binary files. It consists entirely of Markdown and YAML-based instructions and templates.
Audit Metadata