requirements-engineering
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The markdown content contains only instructional patterns for requirements engineering and does not attempt to override agent safety protocols or system instructions.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths (e.g., .ssh, .env), or network operations (curl, wget) were detected across the skill files.
- [Obfuscation] (SAFE): All content is provided in cleartext markdown; no Base64, zero-width characters, or other encoding techniques were found.
- [Remote Code Execution] (SAFE): The skill does not include any scripts or package management files (package.json, requirements.txt) that would trigger external downloads or code execution.
- [Indirect Prompt Injection] (LOW): The skill facilitates the ingestion of external specification documents (e.g., PDFs), which constitutes an attack surface for indirect prompt injection. However, this is an inherent risk of the skill's primary function and no malicious patterns are present in the skill itself.
Audit Metadata