design-principles
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface by design, as it ingests untrusted data from the local environment.
- Ingestion points: The skill reads all files within the
context/directory, as well asdesign-principles.mdandcontext/sprint-roles.md, to establish background context for the session. - Boundary markers: There are no specified delimiters or instructions to ignore embedded commands when the AI reads and interprets these external files.
- Capability inventory: The skill's capabilities are limited to reading and writing text-based files within the local working directory; it lacks network access, shell command execution, or system-level privileges.
- Sanitization: The skill does not perform any validation or filtering of the content retrieved from the
context/folder before incorporating it into its reasoning process.
Audit Metadata