roadmap-strategist
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes external data from
.pm/backlog/items.yamlto calculate alignment scores and provide recommendations. - Ingestion points: Reads from
.pm/backlog/items.yamland.pm/config.yaml. - Boundary markers: None explicitly defined in the prompt templates, which is common for this type of skill.
- Capability inventory: Limited to reading/writing project management files (
.pm/roadmap.md) and providing textual recommendations. - Sanitization: No explicit sanitization of backlog item content, though the logic (keyword matching) naturally ignores most non-relevant text.
- [Data Exposure & Exfiltration] (SAFE): The skill only interacts with local project files in the
.pm/directory. No network operations or access to sensitive system paths (e.g., credentials, SSH keys) were detected. - [Remote Code Execution] (SAFE): The provided Python snippets are illustrative logic for the agent to follow rather than instructions to execute arbitrary code or download remote scripts.
Audit Metadata