bmad-story-pipeline
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a sequence of CLI tools, such as /bmad-bmm-dev-story, via a subagent using the Task tool. The inclusion of a yolo parameter indicates the pipeline is designed for autonomous execution without manual step-by-step confirmation.
- [PROMPT_INJECTION]: The skill loads command templates from references/workflow-steps.md, creating a surface for indirect prompt injection where the execution flow could be influenced by changes to the local configuration file.
- Ingestion points: Command strings and step definitions are read from references/workflow-steps.md and sprint-status.yaml.
- Boundary markers: None identified; the agent treats the configuration file as a trusted source of instructions.
- Capability inventory: The skill uses a subagent for command execution and performs file system operations to update status metadata.
- Sanitization: There is no evidence of validation or sanitization of the configuration content before it is processed by the agent.
Audit Metadata