require-analysis
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed exclusively for document generation and lacks any capabilities for network communication or remote resource retrieval.
- [PROMPT_INJECTION]: The skill contains robust negative constraints that explicitly forbid the agent from generating any form of executable code (Java, JavaScript, SQL, HTML) or creating code-related file types. This serves as a strong defense against attempts to coerce the AI into generating malicious scripts.
- [COMMAND_EXECUTION]: Analysis of the skill instructions and templates confirms that no system commands, shell scripts, or subprocesses are invoked. The file-writing operations are limited to a predefined documentation path (
/projectdocs/require/). - [DATA_EXPOSURE]: There is no evidence of instructions that attempt to read sensitive system configuration files, credentials, or environment variables. The skill focus is entirely on processing user-provided requirement descriptions into structured Markdown.
Audit Metadata