slice
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions in `SKILL.md` guide the agent to run the `scripts/bootstrap_slice.py` Python script to perform the bootstrap operation using command-line arguments.
- [REMOTE_CODE_EXECUTION]: The script `scripts/bootstrap_slice.py` utilizes `importlib.util` to dynamically load and execute Python modules (`manage_execution.py` and `manage_planning.py`) from relative filesystem paths within the vendor's skill hierarchy. This dynamic execution pattern is used to facilitate internal communication between modular skills.
- [PROMPT_INJECTION]: The skill handles planning artifacts and work item descriptions, creating a surface for indirect prompt injection where instructions embedded in project documentation could influence agent behavior.
  - Ingestion points: The script reads planning feature metadata and directory structures from the filesystem through its sibling modules.
  - Boundary markers: No explicit boundary markers or 'ignore' instructions are documented for the content of the planning artifacts being processed.
  - Capability inventory: The skill possesses capabilities for file system modification and dynamic loading of executable Python logic.
  - Sanitization: Inputs such as slice IDs and feature names are passed through validation and normalization functions defined in the loaded management modules.
Audit Metadata