team-developer
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands to manage a git workspace, including git checkout, git pull, git add, git commit, and git push. While these are standard for a developer role, they represent a capability to modify the local environment and interact with remote repositories.
- [PROMPT_INJECTION]: The skill is designed to process external inputs (Full task text, Project context) provided by an orchestrator. There is a risk of indirect prompt injection if the task source is untrusted.
- Ingestion points: The orchestrator provides task text, steps, and code examples (documented in SKILL.md).
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands within the task text are present.
- Capability inventory: The agent can execute git commands and likely run arbitrary code during the TDD process via the superpowers:test-driven-development sub-skill.
- Sanitization: There is no evidence of input validation or sanitization for the provided task instructions.
Audit Metadata