bmad-editorial-review-prose
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill functions as a text-processing utility with no external capabilities, system access, or tool usage specified.
- [PROMPT_INJECTION]: The skill processes untrusted input via the 'content' and 'style_guide' parameters, which constitutes a surface for indirect prompt injection (Category 8).
  - Ingestion points: Input parameters 'content' and 'style_guide' in SKILL.md.
  - Boundary markers: The skill uses 'CONTENT IS SACROSANCT' and 'Skip code/markup' instructions as logical boundaries, though no unique tokens are used.
  - Capability inventory: The skill has no capabilities beyond text generation; there are no network, file, or command execution tools available.
  - Sanitization: No sanitization is performed on input text before processing.
  - Risk Assessment: Because the skill lacks dangerous tools or system access, any potential injection is limited to manipulating the editorial feedback output.
- [SAFE]: No obfuscation, hardcoded credentials, data exfiltration patterns, or persistence mechanisms were detected in the skill instructions or metadata.
Audit Metadata