sdd-propose
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a documentation-centric workflow for software design development. It reads project specifications and generates markdown artifacts without malicious intent.
- [COMMAND_EXECUTION]: While the skill manages file creation, it does not execute shell commands or system-level processes.
- [PROMPT_INJECTION]: An indirect prompt injection surface exists (Category 8) because the skill processes data from existing project files. Ingestion points: .specs/specs/ directory and .specs/.sdd/schema-config.yaml. Boundary markers: Absent. Capability inventory: File read/write operations; no network or execution capabilities. Sanitization: Absent.
Audit Metadata