pdca
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the `Bash` tool to perform system-level operations, such as environment detection and team resource management.
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by ingesting and acting upon untrusted data from project documents and source code.
  - Ingestion points: Content from `docs/01-plan/`, `docs/02-design/`, and implementation source code is read during the 'analyze' and 'iterate' phases.
  - Boundary markers: There are no explicit instructions or delimiters defined to distinguish between data and instructions within the ingested files.
  - Capability inventory: The skill has access to powerful tools including `Bash`, `Write`, `Edit`, and `Task` management tools, which could be leveraged if an injection occurs.
  - Sanitization: The skill does not specify any sanitization or validation logic for the external content before it is processed by the `gap-detector` or `pdca-iterator` agents.
Audit Metadata