feature-task-planning
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes external documentation files and prototypes to generate code implementation prompts for subsequent stages.
  - Ingestion points: Reads content from `docs/{功能名称}/2_技术方案.md`, `docs/{功能名称}/1_需求文档.md`, and HTML files in `docs/product_prototypes/` or `docs/{功能名称}/prototypes/`.
  - Boundary markers: Absent. The skill does not provide explicit instructions to treat input from these files as untrusted or to ignore instructions embedded within the design documents.
  - Capability inventory: The skill has the capability to write the generated task list to the file system at `docs/{功能名称}/3_任务规划.md`.
  - Sanitization: Absent. Input content is directly used to generate prompts for future coding tasks, creating a vector for instruction propagation.
- [NO_CODE]: The skill consists purely of Markdown-based instructions and templates. No executable scripts or external code dependencies were detected within the file.
Audit Metadata