skills/michaelmerrill/skills/plan/Gen Agent Trust Hub

plan

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it incorporates content from untrusted project documentation into the issues and plans it generates.
      • Ingestion points: The skill reads prd.md, spec.md, tdd.md, and various source files referenced in the design.
      • Capability inventory: The skill has file-read and file-write capabilities used to create markdown documentation in the issues and plans directories.
      • Boundary markers: No delimiters or protective instructions are utilized to differentiate between the skill's instructions and potentially malicious content within the design documents.
      • Sanitization: The skill performs no sanitization or validation of the text ingested from the design documentation before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 10:31 PM