bmad-gds
Pass
Audited by Gen Agent Trust Hub on Jun 27, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to ingest and process untrusted external data.
- Ingestion points:
SKILL.md(Step 1) explicitly collects data fromplaytest-feedbackandbug-or-build-issues. - Boundary markers: The instructions lack explicit boundary markers or delimiters to protect the agent from instructions embedded within the ingested data.
- Capability inventory: The skill is configured with
Read,Write,Bash,Grep, andGlobtools (SKILL.md frontmatter). - Sanitization: No sanitization or filtering mechanisms for the external input are defined.
- [EXTERNAL_DOWNLOADS]: The documentation references an external project repository on GitHub.
- Evidence:
REFERENCE.mdpoints tohttps://github.com/bmad-code-org/bmad-module-game-dev-studiofor upstream documentation. - [COMMAND_EXECUTION]: The skill uses shell tools and references a set of specialized CLI commands for game development tasks.
- Evidence: The
allowed-toolsincludesBash.REFERENCE.mdlists various commands such asbmad-gds-document-project,bmad-gds-game-brief, andbmad-gds-sprint-planningwhich are intended for execution by the agent.
Audit Metadata