dev-swarm-stage-deployment
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection because it ingests and processes untrusted data from the local project environment.\n
- Ingestion points: The agent is instructed to read all markdown files from directories
00-init-ideas/through10-sprints/, as well asideas.mdand09-devops/execution-plan.mdin Step 1.\n - Boundary markers: There are no explicit instructions for the agent to use delimiters or ignore instructions embedded within the data files it reads.\n
- Capability inventory: The agent has the capability to create and modify infrastructure configuration files and execute deployment tasks (Step 6), including code merging, database migrations, and DNS configuration.\n
- Sanitization: No sanitization, validation, or filtering of the content read from the project files is performed before the agent uses that information to generate execution plans or perform deployment actions.
Audit Metadata