acceptance-criteria-authoring
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized commands were detected. The skill consists entirely of educational material and templates for software development requirements.
- [NO_CODE]: This skill is composed of a single markdown file containing documentation and examples; it does not ship with any executable scripts or binary files.
- [PROMPT_INJECTION]: The skill is designed to process user-provided stories and requirements, creating a surface for indirect prompt injection. 1. Ingestion points: User story and requirement descriptions provided by the user. 2. Boundary markers: No explicit delimiters or instructions to ignore embedded commands are included in the authoring templates. 3. Capability inventory: The skill utilizes Read, Write, Glob, Grep, and Task tools. 4. Sanitization: No input validation or sanitization logic is present in the provided documentation templates. This vulnerability surface is inherent to the skill's primary function of structured requirement authoring.
Audit Metadata