feature-planning
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill demonstrates a surface for indirect prompt injection by processing external markdown files.
- Ingestion points: The skill reads docs/features/[feature-name]/breakdown.md to extract tasks and dependency data.
- Boundary markers: No explicit delimiters or instructions are provided to the agent to separate the breakdown document content from its own system instructions.
- Capability inventory: The skill possesses filesystem write access to create the implementation-sequence.md output file.
- Sanitization: The skill does not perform content sanitization or structured validation of the input text before processing and incorporating it into the final sequence document.
Audit Metadata