Skills
skills/vamseeachanta/workspace-hub/gsd-execute-phase/Gen Agent Trust Hub

gsd-execute-phase

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface because it processes untrusted user input and workspace files to drive the execution of sub-agents.
  • Ingestion points: User arguments in {{GSD_ARGS}} and plan files in the workspace.
  • Boundary markers: Not present; the skill does not define delimiters to separate instructions from untrusted content.
  • Capability inventory: The skill utilizes agent spawning (spawn_agent) and user input requests (request_user_input).
  • Sanitization: No sanitization or input validation is specified.
  • [COMMAND_EXECUTION]: The skill instructions reference the use of 'gsd-tools' to initialize the execution phase, representing a capability to execute framework-specific CLI commands based on the analysis of workspace files.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 3, 2026, 04:33 AM