frame-problem
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides a standard and professional framework for architectural solution discovery.
- [COMMAND_EXECUTION]: In Phase 3, the skill directs the agent to use local search tools such as Grep or Glob to analyze the existing codebase for relevant models and components. This operation is limited to searching the local project context to inform solution design.
- [PROMPT_INJECTION]: The skill creates a potential surface for indirect prompt injection by ingesting untrusted stakeholder requests from external sources like Slack or email.
  1. Ingestion points: Phase 1 (capture and extract surface-level requests).
  2. Boundary markers: Absent.
  3. Capability inventory: Local file system search (Grep/Glob), file reading, and generating technical specifications.
  4. Sanitization: Absent.

  This is a low-risk surface common to skills that process external input and is mitigated by the agent's underlying safety guardrails.