utility-pm-skill-iterate
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill ingests untrusted data from validation reports and user feedback in Step 3 of SKILL.md. Although no boundary markers or explicit delimiters are defined for input processing, the skill's ability to write local files is strictly controlled by a structured normalization process and a mandatory human-in-the-loop confirmation of all proposed edits before they are applied.
- [COMMAND_EXECUTION]: Local File Modification. The skill accesses and modifies files within the project's skill directory as its primary function. This capability is managed through explicit user approval for each change and a stale-preview guard that ensures file integrity is maintained between the preview and write operations.