Skills
skills/sivaprasadreddy/sdd-skills/sdd-yolo/Gen Agent Trust Hub

sdd-yolo

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill analyzes external content from docs/project.md and user input to generate code. This represents an indirect prompt injection surface.
  • Ingestion points: docs/project.md and feature_description argument.
  • Boundary markers: No explicit delimiters are used to wrap external content.
  • Capability inventory: File system access and shell command execution for testing.
  • Sanitization: The skill does not specify input validation.
  • Mitigation: This risk is mitigated by a mandatory human confirmation gate and a final security review phase.
  • [COMMAND_EXECUTION]: The skill runs local shell commands for development tasks.
  • Evidence: Executes test commands in Phase 3 and git diff in Phase 4.
  • Context: This is standard functionality for the skill's purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 04:24 AM