tracking-spec-writer

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill is designed for documentation and data design workflows. It processes user input to generate a local HTML report. No malicious command execution, exfiltration, or persistence mechanisms were found.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to the processing of untrusted user requirements.
    • Ingestion points: Product Requirement Documents (PRD), core user links, and descriptive text provided in the user prompt.
    • Boundary markers: Absent; the instructions do not implement specific delimiters for untrusted input.
    • Capability inventory: The skill generates HTML files by populating the 'assets/spec-template.html' template with user-provided data.
    • Sanitization: There are no instructions for the agent to sanitize or escape user input before interpolation into the HTML template, which could result in XSS if the generated report is viewed in a browser.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 31, 2026, 04:59 PM