project-task-planning
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8) by ingesting data from external specification documents to create a project plan.\n
- Ingestion points: The agent reads contents from specs/1_产品概述.md, specs/2_技术栈.md, specs/3_项目结构.md, and specs/4_开发规范.md.\n
- Boundary markers: Absent; there are no delimiters or instructions provided to the agent to distinguish between its own logic and instructions that might be embedded in the source documents.\n
- Capability inventory: The skill facilitates file system operations, including directory creation and writing the final plan to specs/5_初始化计划.md.\n
- Sanitization: Absent; the skill lacks a mechanism to filter or escape potentially malicious instructions found within the input markdown files.
Audit Metadata