write-a-adr
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill describes a workflow that ingests untrusted data from bug reports, logs, and screenshots, which could be used to deliver indirect prompt injection attacks.
- Ingestion points: Processes user-provided bug reports, constraints, logs, screenshots, and codebase findings (SKILL.md).
- Boundary markers: The instructions do not define boundary markers or explicit safety directives to ignore embedded instructions within the ingested data.
- Capability inventory: The skill is capable of writing files to the local repository (docs/adrs/, docs/issues/) and interacting with external project management tools like GitHub or Linear (SKILL.md).
- Sanitization: There are no specified sanitization or validation steps for external content before it is processed by the agent.
Audit Metadata