Skills
skills/michaelmerrill/skills/ubiquitous-language/Gen Agent Trust Hub

ubiquitous-language

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from PRD files and the codebase to extract terminology.
  • Ingestion points: Reads *-prd.md and *-scope.md files from the ./plans/ directory and searches the codebase for database models, API definitions, and type signatures.
  • Boundary markers: No explicit delimiters or instructions are provided to the agent to isolate the processed content from its instructions.
  • Capability inventory: The skill can perform codebase-wide searches and write files to the ./plans/ directory.
  • Sanitization: Extracted content is not sanitized or validated before being processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 23, 2026, 02:03 PM