Skills
skills/bmad-code-org/bmad-method/bmad-review-adversarial-general/Gen Agent Trust Hub

bmad-review-adversarial-general

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill employs a strong persona ("cynical, jaded reviewer with zero patience") to frame the agent's response style. While this is an adversarial framing technique, it is used here to fulfill the skill's stated purpose of providing critical feedback rather than to bypass safety protocols.
  • [DATA_EXPOSURE]: The skill is designed to ingest and analyze untrusted external content via the content input, which presents a surface for indirect prompt injection.
  • Ingestion points: The content variable in the SKILL.md input section.
  • Boundary markers: There are no explicit delimiters or specific instructions provided to the agent to treat the content as untrusted or to ignore instructions embedded within it.
  • Capability inventory: The skill is limited to text generation and does not have the ability to execute code, access the filesystem, or make network calls.
  • Sanitization: No input validation or sanitization is defined for the content being reviewed.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 21, 2026, 04:19 PM
Security Audit — agent-trust-hub — bmad-review-adversarial-general