rdd-decide
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill maintains an indirect prompt injection surface by processing content from external project files and the user's codebase.
- Ingestion points: The skill reads data from
./docs/essays/,./docs/product-discovery.md,./docs/decisions/, and the general project codebase as part of its audit and decision steps. - Boundary markers: No delimiters or 'ignore' instructions are defined to separate the ingested artifact data from the agent's core instructions.
- Capability inventory: The skill uses tools for file system manipulation (
Read,Write,Edit,Grep,Glob) and network access (WebSearch,WebFetch). - Sanitization: There is no instruction to sanitize, validate, or escape ingested content before it is processed by the AI.
Audit Metadata