intent-discovery
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests data from the project landscape, including files and commits, which represents a surface for indirect prompt injection.
- Ingestion points: Identified in the 'Survey project landscape' and 'Exploring the idea' sections of SKILL.md.
- Boundary markers: No specific delimiters or instructions to ignore embedded instructions are used when reading project data.
- Capability inventory: Includes file writing, git commits, and tool invocation (task-planning, reference-engine).
- Sanitization: No explicit sanitization of ingested content is mentioned.
Audit Metadata