scrum-sage
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to process untrusted data such as sprint reports and backlog items, which presents a theoretical attack surface for indirect prompt injection.
- Ingestion points: Processes user-provided text files and project data (SKILL.md).
- Boundary markers: The prompt does not explicitly define delimiters to separate system instructions from analyzed data.
- Capability inventory: The agent has access to Read, Write, Grep, Glob, and WebSearch tools.
- Sanitization: No specific data sanitization or instruction-filtering logic is implemented in the skill description.
- [SAFE]: The skill's primary function is coaching and facilitation. The instructions are transparent, follow agile principles, and do not contain hidden malicious commands or exfiltration patterns.
Audit Metadata