build-loop-cursor

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides high-level instructions for managing software development tasks. It uses standard development tools and practices such as running tests and performing code reviews.
  • [PROMPT_INJECTION]: The skill processes untrusted data from external sources including plan files (roadmaps, task lists) and user prompts. While this creates a potential surface for indirect prompt injection, the instructions are limited to technical implementation and verification steps.
  • Ingestion points: Plan files (roadmap, refactor plan, task list), specification documents, and user prompts (SKILL.md).
  • Boundary markers: None explicitly defined for isolating plan content or prompt data.
  • Capability inventory: Implementation of code changes, execution of the Cursor /review command, running project test suites, and running the application (SKILL.md).
  • Sanitization: No explicit sanitization or validation of the input data is described.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 12:42 PM