gsd-add-phase
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted phase descriptions from users which creates a potential surface for indirect prompt injection. \n- Ingestion points: The $ARGUMENTS variable in SKILL.md receives user-provided phase descriptions. \n- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the skill definition. \n- Capability inventory: The skill is granted Bash, Read, and Write tool permissions. \n- Sanitization: The skill file does not define any sanitization or escaping logic for the user-provided input, though it mentions validation occurs in a referenced workflow.
Audit Metadata