project-execution
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes external task lists and implementation plans.
- Ingestion points: Reads implementation plans from the filesystem (e.g., docs/implementation-plan.md) and task descriptions to drive the execution loop (SKILL.md).
- Boundary markers: Absent. The skill does not define specific delimiters or instructions for the agent to ignore potentially malicious instructions embedded within the ingested project plans.
- Capability inventory: The skill performs file system modifications, executes test runners (pytest), and runs build automation tools (make) (SKILL.md).
- Sanitization: Absent. No validation or escaping of external plan content is documented before processing.
- [COMMAND_EXECUTION]: The framework requires the execution of shell commands for validation and testing purposes.
- Evidence: The instructions direct the agent to run pytest -v, make lint, make typecheck, make test, and make coverage to verify implementation quality (SKILL.md).
Audit Metadata