bmad-help
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE (flags: EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches module documentation (e.g., llms.txt) from remote URLs or local paths specified in the _bmad/_config/bmad-help.csv configuration file to answer user questions about specific modules.
- [PROMPT_INJECTION]: The skill processes untrusted data from local CSV files and remote documentation URLs to generate responses and recommend actions, which creates a surface for indirect prompt injection.
- Ingestion points: Data enters the agent context from the bmad-help.csv file and remote URLs specified within it.
- Boundary markers: No specific delimiters or "ignore embedded instructions" warnings are used when processing this data.
- Capability inventory: The skill can recommend and offer to execute other BMad skills based on the identified workflow state.
- Sanitization: No sanitization or validation of the fetched external documentation content is specified.
Audit Metadata