structured-rpi
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: A comprehensive audit of the skill found no evidence of malicious intent, credential theft, or unauthorized network activity. The skill correctly implements the specified workflow with explicit user control mechanisms.
- [PROMPT_INJECTION]: The skill inherently processes user-provided tasks and existing codebase content, which technically creates an indirect prompt injection surface. This risk is minimized by the skill's design, which mandates human-in-the-loop validation for all artifacts.
  - (1) Ingestion points: local source files and user requests processed as described in phase-details.md.
  - (2) Boundary markers: structured markdown artifacts and explicit phase gates defined in SKILL.md and structured-outputs.md.
  - (3) Capability inventory: reading/writing files and executing local verification commands like npm test as mentioned in phase-details.md.
  - (4) Sanitization: relies on the agent's internal safety guardrails and mandatory user approval for all state transitions.
Audit Metadata