implement-improvements
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill parses and processes natural language descriptions from a local backlog file, which could contain malicious instructions if the file content is influenced by an untrusted source.
- Ingestion points: "SKILL.md" (Step 1) reads and parses the ".turbo/improvements.md" file.
- Boundary markers: The skill does not use specific delimiters or instructions to ignore embedded commands when passing parsed content (Summary, Rationale) to sub-skills like "/investigate" or "/turboplan".
- Capability inventory: The skill possesses significant capabilities, including reading project source code and invoking powerful sub-skills such as "/implement" (which can write and execute code) and "/investigate".
- Sanitization: No explicit sanitization, escaping, or validation of the backlog entry content is performed before it is interpolated into commands for other skills.