feature-spec

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE [PROMPT_INJECTION]
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its ingestion of external project files.
      ◦ Ingestion points: Uses 'vision.md', 'requirements.md', and the 'backend/' and 'frontend/' codebases as primary context.
      ◦ Boundary markers: Does not define any delimiters or 'ignore' instructions to separate feature requirements from the agent's own behavioral instructions.
      ◦ Capability inventory: Capable of reading arbitrary files in the repository and writing multiple markdown files, including 'spec.md' and 'design-brief.md'.
      ◦ Sanitization: No sanitization or content validation is applied to the ingested documentation before processing.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 8, 2026, 05:02 PM