gherkin
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill reads and adapts its behavior based on existing .feature files and glossary configurations, which could allow malicious instructions embedded in those files to influence the agent.
- Ingestion points: The agent performs glob searches for `**/*.feature` and grep searches for Gherkin keywords across the project, reading the content of any matches. It also reads `glossary/glossary.config.yml` and related context files.
- Boundary markers: The instructions do not define clear boundary markers or provide explicit warnings for the agent to ignore instructions found within processed files.
- Capability inventory: The skill has the ability to read workspace files and perform file-write or append operations to .feature files.
- Sanitization: There is no specified sanitization or validation of the text content read from project files before it is used to influence the agent's output style and conflict detection logic.
Audit Metadata