abd-cost-of-delay

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8). It instructs the agent to ingest untrusted data from a user's backlog or context and use it to construct shell commands.
  • Ingestion points: User-provided backlog items, story maps, and briefs (SKILL.md, 'Do the work' Step 1).
  • Boundary markers: The instructions do not define clear boundary markers or guidelines to prevent the agent from following malicious instructions embedded within the backlog data.
  • Capability inventory: The agent is tasked with executing shell commands (python scripts/cd3_table.py ...) in SKILL.md (Steps 6 and 7).
  • Sanitization: There is no requirement for the agent to sanitize or escape user-controlled strings before they are used as command-line arguments, which is a common vulnerability surface.
  • [COMMAND_EXECUTION]: The skill uses shell commands to run local Python scripts (cd3_table.py) for its core functionality. While the scripts provided with the skill are safe, the method of building these commands by interpolating feature names directly from the user's context creates a potential command injection vector if the feature names contain shell metacharacters.
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 06:12 AM
Security Audit — agent-trust-hub — abd-cost-of-delay