jury-system
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. It interpolates untrusted data (such as user stories, research quotes, and prototype descriptions) directly into prompts without using delimiters or boundary markers. This allows malicious content within the processed data to potentially override the agent's persona instructions.
- Ingestion points: Multiple prompt templates in SKILL.md, including Research Validation, PRD Validation, and Prototype Evaluation.
- Boundary markers: Absent; data variables are interpolated directly into the instruction text.
- Capability inventory: The skill body contains prompt logic and markdown but no direct code execution or network requests in the provided file.
- Sanitization: No input validation or sanitization is mentioned or implemented in the provided prompt templates.
Audit Metadata