authoring-test-plan
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is entirely instructional and does not perform any sensitive operations, command execution, or unauthorized network activity.
- [PROMPT_INJECTION]: The skill identifies an attack surface for indirect prompt injection as it ingests untrusted upstream documents (feature-spec, api-spec, and PRD) to derive its output.
- Ingestion points: External specification documents provided as context in SKILL.md (Workflow Step 2).
- Boundary markers: Absent; instructions do not require the use of delimiters for untrusted input data.
- Capability inventory: The skill is limited to content generation and standard research tool usage; it does not invoke high-privilege tools or perform file-write operations.
- Sanitization: Absent.
Audit Metadata