process-spec
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's operations are transparent and limited to its documented scope. It uses standard tools to read project files for analysis and writes documentation output to the docs/ directory. No malicious intent or suspicious behavioral patterns were identified.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it ingests untrusted data from user requirements and existing codebase documentation without explicit sanitization or boundary markers. This is a common characteristic of documentation-centric skills.
- Ingestion points: User inputs in Step 1 and codebase/documentation files analyzed in Steps 2 and 3.
- Boundary markers: Absent in the instructions for separating ingested content from the primary prompt logic.
- Capability inventory: Filesystem read access (Grep, Read, Glob) and file write access to the project's docs/ directory.
- Sanitization: No explicit validation or filtering of external content is performed before it is processed by the agent context.
Audit Metadata