dev-story

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes content from multiple external files which then direct the behavior of the agent and its sub-agents.
    • Ingestion points: The skill reads data from story files (production/epics/**/*.md), the TR registry (docs/architecture/tr-registry.yaml), Governing ADRs (docs/architecture/*.md), and the control manifest (docs/architecture/control-manifest.md).
    • Boundary markers: The instructions do not explicitly mandate the use of delimiters or 'ignore embedded instructions' warnings when passing the extracted content to sub-agents via the Task tool.
    • Capability inventory: The skill uses powerful tools including Bash, Write, and Task (to spawn other agents). This creates a path where malicious instructions in a story file could lead to the execution of dangerous shell commands or the creation of malicious code.
    • Sanitization: There is no mention of sanitizing, escaping, or validating the external content before it is interpolated into prompts for the sub-agents.
Audit Metadata
Risk Level: SAFE
Analyzed: May 13, 2026, 11:50 AM