feature-forge

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes natural language feature descriptions and user interview responses, representing an indirect prompt injection surface.
      • Ingestion points: Natural-language requests for feature definition and stakeholder interview responses as defined in SKILL.md and references/interview-questions.md.
      • Boundary markers: None identified; user input is not explicitly delimited from agent instructions.
      • Capability inventory: The skill can spawn subagents to explore the codebase and write generated markdown specifications to the local file system.
      • Sanitization: Not present; the skill interpolates user-provided requirements directly into documentation templates.
  • [COMMAND_EXECUTION]: The skill performs file system write operations to save generated requirements documents.
      • Evidence: SKILL.md and references/specification-template.md specify saving output to the 'specs/' directory.
  • [DATA_EXFILTRATION]: The skill accesses local codebase information to provide technical context for feature discovery.
      • Evidence: The 'Pre-Discovery' pattern in references/interview-questions.md and references/pre-discovery-subagents.md uses subagents to analyze system architecture, user models, and implementation details.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 26, 2026, 01:29 AM