capture-work-items
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The README file provides an installation command (
npx skills add nesnilnehc/ai-cortex --skill capture-work-items) to fetch the skill from the developer's repository. This is a standard installation pattern for the environment and refers to the vendor's own resources. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it transforms unvalidated free-form user input into persistent documentation artifacts.
- Ingestion points: Raw descriptions of requirements, bugs, or issues are accepted as free-form input as defined in the
SKILL.mdinput schema. - Boundary markers: There are no explicit delimiters or instructions within the templates in
SKILL.mdto prevent an agent from potentially interpreting instructions embedded within the user-provided descriptions. - Capability inventory: The skill is authorized to create and write Markdown files to specific project directories like
docs/backlog/ordocs/process-management/project-board/backlog/as defined in Phase 3 ofSKILL.md. - Sanitization: No sanitization, filtering, or escaping of the user-provided content is performed before it is interpolated into the Markdown templates and written to the file system.
Audit Metadata