writing-design-docs
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection during its exploration phase. Maliciously crafted content in the codebase being researched could potentially influence the resulting design documentation or suggested verification steps.
  - Ingestion points: The skill researches the project codebase and context to inform the design process (SKILL.md).
  - Boundary markers: There are no explicit delimiters or 'ignore' instructions used to isolate the ingested codebase content from the agent's task-specific logic.
  - Capability inventory: The skill writes markdown artifacts to the 'docs/plans/' directory.
  - Sanitization: No sanitization, validation, or escaping of the content read from the codebase is performed before it is used to generate the output documents.
Audit Metadata