decompose
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious behaviors, obfuscation, or unauthorized data access detected. The skill follows a controlled and transparent workflow for project decomposition.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it ingests context from untrusted project files such as README.md and draft documents. This is a functional requirement for its scope analysis task and the risk is low given the agent's limited toolset.
- Ingestion points: Project README.md, files within the docs/ directory, and draft.md files within the ideas/ directory.
- Boundary markers: The skill does not define explicit delimiters to separate untrusted content from the system prompt instructions.
- Capability inventory: The agent can interact with the user via AskUserQuestion and create project manifest files in the docs/ directory.
- Sanitization: No explicit sanitization of ingested file content is specified before the context is processed.
Audit Metadata