feature-planner
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it ingests and processes untrusted data from multiple external sources.
- Ingestion points: User-provided feature descriptions, Figma design context via `get_design_context`, and visual content (screenshots/images) via the `Read` tool.
- Boundary markers: The skill instructions do not explicitly require the use of delimiters or 'ignore embedded instructions' warnings when handling user or external input.
- Capability inventory: The skill can read local files, access Figma designs, and create issues in Linear via MCP tools.
- Sanitization: There are no instructions for validating or sanitizing the content retrieved from external visual references or user inputs before incorporating them into technical plans or Linear issues.
Audit Metadata