requirements-analysis
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-supplied requirement documents, creating an attack surface for indirect prompt injection.
  - Ingestion points: Untrusted requirements are ingested into the AI context via the system prompt defined in `prompts/requirements-analysis.md`.
  - Boundary markers: The prompt employs Markdown headers and explicit role definitions (Lead QA Engineer) to separate instructions from the user data.
  - Capability inventory: The skill includes scripts for reading and writing files and converting them into multiple formats (JSON, CSV, DOCX, XLSX, XMind) via Python.
  - Sanitization: The conversion utility `scripts/convert_formats.py` uses standard parsing libraries (`json`, `csv`, `xml.etree.ElementTree`), which are robust for structured data parsing but do not specifically filter for malicious natural language instructions embedded within the requirements text.
- [COMMAND_EXECUTION]: The skill contains several wrapper scripts (e.g., `scripts/convert_to_csv.py`, `scripts/batch_convert_templates.py`) that use `subprocess.call` to invoke the core conversion logic in `scripts/convert_formats.py`. These executions are performed using the local Python interpreter and are restricted to internal skill files, representing legitimate tool functionality.