gsd-validate-phase

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) by design.
  • Ingestion points: Untrusted data enters via the {{GSD_ARGS}} parameter and by reading existing project artifacts like VALIDATION.md and SUMMARY.md (mentioned in the objective and process sections of SKILL.md).
  • Boundary markers: There are no explicit delimiters (e.g., XML tags or triple quotes) or negative constraints instructing the agent to ignore instructions embedded within the processed data.
  • Capability inventory: The skill utilizes spawn_agent to delegate work and performs file write operations to update VALIDATION.md, creating a path for malicious instructions in the data to trigger unauthorized actions.
  • Sanitization: No sanitization, escaping, or validation logic is defined for the ingested user input or file content before it is interpolated into the workflow.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 3, 2026, 04:33 AM