analyze-requirements
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill is designed as a structured instructional framework for requirements engineering.
- [PROMPT_INJECTION]: The instructions do not contain any patterns typical of prompt injection, such as attempts to bypass safety filters, override system instructions, or extract system prompts.
- [DATA_EXFILTRATION]: No network operations or exfiltration patterns were detected. The skill's primary action is writing documentation to local project directories (e.g.,
docs/requirements/), which is consistent with its stated purpose. - [REMOTE_CODE_EXECUTION]: No remote code execution or arbitrary command execution patterns were identified. The skill is logic-driven and does not spawn sub-processes or execute external scripts.
- [EXTERNAL_DOWNLOADS]: While the skill metadata references external GitHub repositories (such as
jwynia/agent-skillsandstaruhub/ClaudeSkills) as methodology sources, these are informational references only and do not trigger runtime downloads or package installations. - [INDIRECT_PROMPT_INJECTION]: The skill processes free-form user input to generate documentation. While this represents a standard attack surface, the risk is minimal as the output is restricted to Markdown files and is not executed.
Audit Metadata