bmad-os-diataxis

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's operations are limited to documentation files and are consistent with its stated purpose. It does not perform network operations or access system-level configuration.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: The skill accesses documentation files within the project (e.g., docs/_STYLE_GUIDE.md). This access is localized and intended for its function, with no evidence of sensitive data harvesting or external data transmission.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes content from user-controlled files, which is an inherent surface for indirect prompt injection.
      • Ingestion points: Reads docs/_STYLE_GUIDE.md and user-specified target files as part of its doc editing flow.
      • Boundary markers: No specific delimiters are used when passing file content to subagents.
      • Capability inventory: The agent uses an Edit tool for file modifications.
      • Sanitization: No explicit sanitization or validation of the ingested document content is performed.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 06:17 PM