roadmap-updater
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTIONNO_CODE
Full Analysis
- PROMPT_INJECTION (HIGH): The skill processes untrusted git commit history and has the capability to write to the filesystem (ROADMAP.md), creating a surface for indirect prompt injection. 1. Ingestion points: Git commit messages. 2. Boundary markers: Absent; there are no instructions to differentiate commit data from agent directives. 3. Capability inventory: File-write access to local repository files. 4. Sanitization: Absent; no validation or filtering of commit content is described.
- NO_CODE (INFO): The skill consists of instructions and metadata only, with no executable logic or scripts present.
Recommendations
- AI detected serious security threats
Audit Metadata