doc-cspec-autopilot

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it is designed to ingest and process data from external REQ (Requirement) and CTR (Contract) documents to generate CSPEC (Code Specification) deliverables.
      • Ingestion points: The workflow identifies and reads data from upstream REQ and CTR documents during Phase 1 and Phase 3.
      • Boundary markers: The instructions do not specify any delimiters or safety warnings for the agent to ignore potentially malicious instructions embedded within the source documents.
      • Capability inventory: The skill allows the agent to generate and write YAML and Markdown files to the local file system.
      • Sanitization: There are no requirements for sanitizing or escaping the content retrieved from upstream documents before it is interpolated into the generated CSPEC files.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 13, 2026, 12:13 PM