bmad-spec
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE, NO_CODE
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified. The skill acts as a text processor using a predefined markdown template.
- [NO_CODE]: The skill consists purely of Markdown instructions and templates. No Python, JavaScript, or shell scripts are present, which prevents any code-based attacks.
- [PROMPT_INJECTION]: The skill's ingestion of untrusted meeting transcripts and notes constitutes a surface for indirect prompt injection. However, this is assessed as safe given the tool's limited capability to only modify local markdown files without network or execution privileges.
- Ingestion points: User-provided text, notes, and transcripts ingested via the Read tool (SKILL.md).
- Boundary markers: None; the skill does not explicitly delimit untrusted input from its core instructions.
- Capability inventory: Access is restricted to Read, Write, Edit, Glob, Grep, and TodoWrite for local file management.
- Sanitization: No specific sanitization logic is applied to the ingested text.
Audit Metadata