user-story-writing
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No security threats were identified. The skill is instructional and focuses on requirements engineering best practices.
- [NO_CODE]: The skill consists of Markdown documentation only and does not include any Python, JavaScript, or shell scripts.
- [PROMPT_INJECTION]: Analysis of the indirect prompt injection surface: 1. Ingestion points: The skill accepts 'requirements' and 'personas' as Markdown input. 2. Boundary markers: There are no explicit delimiters or instructions to ignore nested prompts. 3. Capability inventory: Capabilities are limited to generating 'user_stories.json', 'user_stories.md', and 'story_map.md' text files; no command execution or network access is present. 4. Sanitization: No input validation or sanitization is performed on the requirement text.
Audit Metadata