blueprints-writing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious patterns, such as prompt injection, data exfiltration, or unauthorized command execution, were found in the skill instructions. The skill utilizes a set of local tools for file management and documentation that are consistent with its stated purpose.
- [Indirect Prompt Injection] (LOW): The skill functions as a documentation assistant that processes external technical data to generate files, which is a standard operational surface.
- Ingestion points: Technical descriptions and codebase contents accessed via tools like Read and Grep.
- Boundary markers: Absent; the instructions do not specify delimiters for untrusted input when interpolating into templates.
- Capability inventory: File creation and modification capabilities (Write, Edit, and mcp__plugin_hashi-blueprints_blueprints__write_blueprint).
- Sanitization: Absent; the skill relies on the agent's inherent processing of technical text without specific escaping logic.
Audit Metadata