gsd-manager
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's logic and instructions do not contain malicious code, obfuscation, or unauthorized external interactions. It functions as a coordinator for project workflows.
- [COMMAND_EXECUTION]: The skill executes local scripts such as
gsd-tools.cjsand uses agent-spawning tools to manage tasks. These operations are performed within the local workspace and are necessary for the skill's stated purpose of phase management. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface through its ingestion of local planning files.
- Ingestion points: Reads contents of
.planning/STATE.mdand.planning/ROADMAP.mdduring the workflow refresh loop. - Boundary markers: No explicit delimiters are specified in the wrapper instructions for the content of these files.
- Capability inventory: Features the ability to spawn sub-agents (
spawn_agent), execute skill commands, and write to user terminals. - Sanitization: Content is processed by a workflow engine that utilizes structured mapping for agent collaboration.
- Evaluation: The risk is minimal as the ingested files are local project metadata, and the execution relies on structured agent interfaces rather than direct shell interpolation.
Audit Metadata