Skills
skills/terryso/claude-bmad-skills/bmad-story-pipeline/Gen Agent Trust Hub

bmad-story-pipeline

Warn

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs automated execution of multiple shell commands (e.g., /bmad-bmm-create-story, /bmad-tea-testarch-atdd, /bmad-bmm-dev-story) through a general-purpose subagent.
  • [PROMPT_INJECTION]: Instructions specifically mandate the use of a 'yolo' flag to ensure 'auto-approval' of commands, which intentionally bypasses typical human-in-the-loop safety constraints for command execution.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by deriving its execution logic from an external file (references/workflow-steps.md).
  • Ingestion points: references/workflow-steps.md defines the commands and descriptions used in the pipeline.
  • Boundary markers: Absent; the agent is instructed to follow the file contents as a direct source of truth for execution.
  • Capability inventory: Execution of shell commands via the Task tool and file system modification (updating sprint-status.yaml).
  • Sanitization: Absent; the content from the reference file is interpolated directly into the Task prompt without validation.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 8, 2026, 07:41 AM