gsd-remove-phase

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash and Write tools to perform programmatic edits to roadmap files and execute git commands to record historical changes.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it ingests and processes content from external roadmap files.
      • Ingestion points: Roadmap content and state are resolved through file reads during the initialization and execution phases.
      • Boundary markers: No explicit markers or delimiters are defined to isolate data ingested from roadmap files from the agent's core instructions.
      • Capability inventory: The skill is granted Read, Write, Bash, and Glob capabilities, allowing it to modify the file system and execute shell commands based on inputs derived from roadmaps.
      • Sanitization: The skill does not implement validation or sanitization for the data read from the roadmap files before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 07:07 PM