aldescription
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains an instruction to bypass the agent's default reasoning process: 'Do not use your plan mode'. This is an override of standard system behavior.
- [PROMPT_INJECTION]: The skill processes untrusted implementation details and code changes, which constitutes a surface for indirect prompt injection.
- Ingestion points: The skill reads completed implementation work and changes from the workspace.
- Boundary markers: There are no explicit markers or instructions provided to the agent to treat the implementation data as untrusted or to ignore embedded instructions.
- Capability inventory: The skill delegates execution to the 'alignfirst' protocol and its associated tools.
- Sanitization: No sanitization, escaping, or validation logic is defined for the content being processed.
Audit Metadata