Skills
NYC
skills/microck/ordinary-claude-skills/agile-product-owner/Gen Agent Trust Hub

agile-product-owner

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONNO_CODE
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill documentation in SKILL.md references a local Python script scripts/user_story_generator.py to automate task generation and sprint planning. This is standard functionality for this type of agent skill.
  • [NO_CODE] (SAFE): The files provided for analysis (SKILL.md and metadata.json) contain no executable code. The script referenced in the documentation is missing from the provided context.
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface detected: 1. Ingestion points: The skill ingests user-provided 'epic' descriptions into the user_story_generator.py script. 2. Boundary markers: No delimiters or 'ignore' instructions for embedded data are specified in the documentation. 3. Capability inventory: The skill utilizes local shell execution for Python scripts. 4. Sanitization: No sanitization or input validation logic is described for the processed epic content.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:22 PM