requirements-analysis

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, NO_CODE
Full Analysis
  • No Code (SAFE): The skill is composed entirely of Markdown instruction files and templates. It does not include scripts, binaries, or any form of executable code, which eliminates common attack vectors like remote code execution or persistence.
  • Indirect Prompt Injection (SAFE): The skill processes untrusted product requirement files from the docs/specs/ directory, which is an inherent surface for indirect prompt injection. However, this is considered safe given the skill's restricted toolset and procedural mitigations.
      1. Ingestion points: Reads product-requirements.md files using Read, Grep, and Glob tools.
      2. Boundary markers: No explicit delimiters are defined for the interpolated content.
      3. Capability inventory: Restricted to file operations (Read, Write, Edit) and task management; no network access or shell execution available.
      4. Sanitization: No automated sanitization, but the skill requires the agent to present findings to the user and wait for confirmation before proceeding, providing a manual security gate.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 05:42 PM