prd
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted user input to generate files, creating a potential surface for injection or path traversal.
- Ingestion points: The 'feature description' provided by the user is the entry point for untrusted data.
- Boundary markers: None present. The prompt does not define delimiters or provide 'ignore instructions' warnings for the interpolated user content.
- Capability inventory: The skill performs file-write operations to the 'tasks/' directory.
- Sanitization: None present. While the prompt suggests 'kebab-case' for filenames, it does not explicitly instruct the agent to sanitize input against path traversal characters (e.g., '../') or malicious embedded instructions.
Audit Metadata