feature-plan
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, such as data exfiltration, credential harvesting, or unauthorized command execution, were found within the skill files.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection because it processes feature specifications provided via a file path. However, the risk is minimized by the skill's narrow scope and clear role definitions.
- Ingestion points: Feature specification file path provided as an argument.
- Boundary markers: Includes specific constraints such as 'You NEVER write code' and 'Never write code or create files'.
- Capability inventory: The skill instructions focus solely on text analysis and planning output; no tools for network access or system modification are requested or used.
- Sanitization: Not explicitly detailed in the prompt, but the planning-only constraint serves as a logical barrier.
- [COMMAND_EXECUTION]: The skill suggests commands for the user to run (e.g.,
bundle exec rspec), but it does not instruct the agent to execute these commands autonomously.
Audit Metadata