validate
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute local analysis commands including grep, find, and wc. These are used to detect patterns like TODO markers, vague language, and architectural violations in local files as part of the validation workflow.
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection because it processes user-provided documentation and source code. Maliciously crafted instructions within these processed files (e.g., within the CONSTITUTION.md rules or PRD requirements) could theoretically attempt to influence the behavior of the validator or the specialist agents it orchestrates. Evidence chain:
  - (1) Ingestion points: target specification and implementation files and CONSTITUTION.md.
  - (2) Boundary markers: markdown sections and YAML blocks are used for structural separation.
  - (3) Capability inventory: Bash, Read, Write, Edit, and Task tools.
  - (4) Sanitization: no explicit content sanitization or instruction filtering is documented.
Audit Metadata