gsd-verify-work
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because its primary function involves processing potentially untrusted data from 'built features' during validation steps.
- Ingestion points: The workflow ingests outputs from features under test and user conversational responses (SKILL.md).
- Boundary markers: There are no explicit delimiters or safety instructions provided to prevent the agent from executing instructions potentially hidden within the test data.
- Capability inventory: The skill is granted high-privilege tool access, including Bash, Task, Edit, and Write capabilities (SKILL.md).
- Sanitization: The skill lacks mechanisms to sanitize or validate the content produced by the features it is evaluating before interpreting it in the conversational context.
Audit Metadata