project-requirements

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE, PROMPT_INJECTION, CREDENTIALS_UNSAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill includes a directive in the 'Required Plugins' section requiring the 'Superpowers' plugin to be active and instructing the agent to prefer its methods over default approaches, which steers agent behavior toward non-standard internal tools.
  • [PROMPT_INJECTION]: The skill facilitates an indirect prompt injection surface by collecting raw user responses and saving them into markdown files that serve as input for downstream automated processes.
      • Ingestion points: User responses during the Phase 1-4 interview process described in SKILL.md.
      • Boundary markers: Absent; there are no instructions to use delimiters or ignore instructions embedded within the user's requirements.
      • Capability inventory: File system write access to the 'docs/project-requirements/' directory.
      • Sanitization: Absent; the skill directly places user-provided text into the documentation files.
  • [CREDENTIALS_UNSAFE]: In the 'Non-Functional Requirements' section of Phase 1, the skill explicitly prompts the user for an 'optional tile provider API key,' which encourages the unsafe practice of storing sensitive credentials in plain text markdown files.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 28, 2026, 12:09 PM