turn2spec
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted source documents such as design docs and ADRs, which introduces an attack surface for indirect prompt injection where malicious instructions in the source text could influence the agent's behavior.
- Ingestion points: Reads source material from user-provided file paths or pasted text in Stage 1.
- Boundary markers: No delimiters are specified to isolate the source content from the skill's instructions.
- Capability inventory: Uses the 'Write' and 'Edit' tools to generate the final specification file in Stage 4.
- Sanitization: The skill filters technical implementation details but does not explicitly sanitize for malicious instructions or potential injection patterns.
Audit Metadata