bmad-check-implementation-readiness
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script (_bmad/scripts/resolve_customization.py) to resolve configuration and customization settings from TOML files during activation and upon completion. This is a standard part of the vendor's workflow management.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it reads and extracts content from untrusted project artifacts (PRDs, Architecture, Epics, UX docs) to generate assessment reports.
  - Ingestion points: Project documents found in the {planning_artifacts} directory (e.g., *prd*.md, *epic*.md, *ux*.md).
  - Boundary markers: No specific delimiters or safety warnings are used to isolate the content of analyzed documents from the agent's instructions.
  - Capability inventory: The agent can execute local shell commands (Python scripts), read project files, and write report artifacts.
  - Sanitization: There is no evidence of sanitization or filtering applied to the text extracted from external documents before processing.
Audit Metadata