ask-questions-if-underspecified
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes arbitrary user input within a high-privilege context.
- Ingestion points: User feature requests and descriptions of requirements.
- Boundary markers: The instructions do not define boundary markers or delimiters to isolate user input from the system's execution logic.
- Capability inventory: The skill utilizes Bash, Read, and Write tools, creating a significant impact surface.
- Sanitization: There is no evidence of input validation, filtering, or sanitization of the provided user requirements.
Audit Metadata