resolve
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill accepts untrusted data via user arguments, creating an indirect prompt injection surface.
- Ingestion points: Use of
$ARGUMENTSinSKILL.mdallows external data into the execution flow. - Boundary markers: Absent; no delimiters are used to wrap the input.
- Capability inventory: Invokes
/compound-engineering:resolve_todo_parallel, which possesses the capability to modify project code based on its description. - Sanitization: Absent; the skill passes arguments directly to the tool without validation.
Audit Metadata