subsystem-design-spec

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE, PROMPT_INJECTION, NO_CODE
Full Analysis
  • [SAFE]: No malicious patterns or security vulnerabilities were identified. The skill is a documentation-focused workflow.
  • [NO_CODE]: The skill consists entirely of markdown instructions and templates, with no executable scripts or external dependencies.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface (Category 8) because it processes untrusted content from local documentation files (e.g., docs/conventions.md) to extract design conventions. Evidence:
      1. Ingestion points: docs/conventions.md, docs//-spec.md, docs/prd//*.md.
      2. Boundary markers: none.
      3. Capability inventory: file reading and markdown generation.
      4. Sanitization: none.
    This is considered safe as the behavior is central to the skill's intended purpose and it lacks the high-privilege capabilities required for weaponization.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 04:23 AM