analyzing-use-cases
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to read and process external data from Jira tickets and research documents, which constitutes an attack surface for indirect prompt injection.\n
- Ingestion points: Content is ingested from user-provided Jira tickets and research files in Step 1 of the SKILL.md process.\n
- Boundary markers: The skill lacks explicit instructions for the agent to use delimiters or to disregard potential instructions embedded within the ingested text.\n
- Capability inventory: The skill can read and write files via TodoWrite, Read, and Grep tools, and its outputs are intended to guide downstream code implementation and testing skills.\n
- Sanitization: There are no defined sanitization or validation steps for the content extracted from external sources.\n- [COMMAND_EXECUTION]: The skill performs automated file system operations to manage project documentation and configuration.\n
- Evidence: The process involves reading metadata from $CLAUDE_DOCS_ROOT/projects.yaml and writing use case documents to the $CLAUDE_DOCS_ROOT/use-cases/ directory.
Audit Metadata