SPACE-review-board
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill defines a structured text-based workflow for document analysis and does not contain any executable code, shell scripts, or network request patterns.
- [DATA_EXPOSURE]: While the skill processes potentially proprietary product requirements, it lacks any mechanism to transmit this data externally or access local system credentials.
- [PROMPT_INJECTION]: The skill uses structured personas to perform a specific task without attempting to override system safety guardrails or extract system prompts.
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest untrusted documentation for review. Ingestion points: User-provided PRDs, functional specs, and prototypes described in SKILL.md. Boundary markers: None present. Capability inventory: The skill has no capabilities to execute code, perform network operations, or write to the file system. Sanitization: None present. The potential impact is restricted to the quality and accuracy of the generated review report within the chat session.
Audit Metadata