slice
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill includes links to images hosted on 'images.thoughtbot.com' within its educational documentation. These resources are hosted on the author's legitimate infrastructure and are used for instructional purposes.
- [DATA_EXFILTRATION]: The instructions reference local file paths within the skill's own installation directory (e.g., '~/.claude/skills/slice/examples/'). This is a standard method for the skill to access its own example templates and formatting guidelines.
- [PROMPT_INJECTION]: The skill is designed to ingest and process user-provided feature descriptions to generate 'job stories'. While this is a surface for indirect prompt injection, the skill is explicitly configured with 'disable-model-invocation: true', which prevents the agent from executing tools or commands based on the generated content, neutralizing the risk.
- [PROMPT_INJECTION]: Ingestion points: Phase 1 and Phase 2 of 'SKILL.md' prompt the user for open-ended feature details. Boundary markers: None. Capability inventory: Limited to text generation; model invocation is disabled. Sanitization: None.
Audit Metadata