implementation-planning

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill is designed to ingest and act upon external documentation (Product Requirements and Solution Designs) which are considered untrusted inputs. It lacks explicit boundary markers or sanitization for these inputs while maintaining capabilities to write files and execute shell commands.
      • Ingestion points: Specification files (PRD, SDD) located in the docs/specs/ directory as described in SKILL.md and template.md.
      • Boundary markers: Absent; the skill does not define specific delimiters or instructions to ignore instructions embedded within the source documents.
      • Capability inventory: The skill utilizes Read, Write, Edit, Task (shell command execution), TodoWrite, Grep, and Glob tools.
      • Sanitization: No content sanitization, validation, or escaping of the external documentation content is specified before processing or task execution.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:05 PM