task-validation-loop

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE

PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes untrusted documentation files to drive autonomous file modifications and agent logic.
    * Ingestion points: reads content from specs/tasks.md, specs/product_specs.md, and specs/architecture.md.
    * Boundary markers: absent; file content is interpolated into the agent context without delimiters or instructions to ignore embedded commands.
    * Capability inventory: performs local file writes to specs/tasks.md and invokes external sub-agents for alignment checks.
    * Sanitization: no validation or sanitization is performed on the content of the ingested files before processing.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Feb 25, 2026, 09:41 PM