groundwork-scaffold-interface
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection because it reads and processes untrusted application code to generate documentation.
- Ingestion points: The skill reads files from multiple directories including
src/,app/,lib/,routes/,api/,controllers/,pages/, andcomponents/(SKILL.md). - Boundary markers: The instructions do not specify any delimiters or directives to ignore instructions embedded within the codebase being scanned.
- Capability inventory: The agent performs recursive file reading across the codebase and writes the output to
docs/specs/SPEC-INTERFACE.md. - Sanitization: There are no requirements to sanitize, escape, or validate the content extracted from the codebase before it is interpolated into the generated draft.
Audit Metadata