gsd-discuss-phase

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Node.js script (gsd-tools.cjs) to retrieve configuration values from the vendor's toolset. This is a functional requirement of the framework.
  • [DATA_EXPOSURE]: Accesses local project files including PROJECT.md, REQUIREMENTS.md, and STATE.md to build context. This access is restricted to the local workspace and is intended for the skill's primary purpose.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it processes untrusted user arguments and workspace data that can influence downstream agent spawning.
      • Ingestion points: Processes user-supplied GSD_ARGS and various workspace markdown files.
      • Boundary markers: No explicit boundary markers or isolation instructions for external data are provided in the skill body.
      • Capability inventory: The skill can spawn agents (spawn_agent), read files, and execute local shell commands via Node.js.
      • Sanitization: No explicit input sanitization or validation of the phase number or file content is performed within this file.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 3, 2026, 04:33 AM