estimate
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's logic is entirely focused on analyzing project metadata and documentation to generate effort estimates. It does not use tools capable of modifying the system or exfiltrating data.
- [PROMPT_INJECTION]: The skill processes external data including user-provided task descriptions and local project files. 1. Ingestion points: The skill accepts a 'task-description' argument and reads files from 'design/gdd/' and 'production/sprints/'. 2. Boundary markers: No specific delimiters or safety instructions are used for the ingested content. 3. Capability inventory: The skill is restricted to 'Read', 'Glob', and 'Grep' tools, which are used for information gathering only. No file-writing or network tools are permitted. 4. Sanitization: No explicit sanitization is performed on input. While the ingestion surface exists, the limited toolset and read-only nature of the skill render this risk safe.
- [PROMPT_INJECTION]: The skill instructions include a 'Verdict: COMPLETE' message as part of its completion template. This was analyzed as a behavioral directive for the agent's output and not an attempt to obfuscate its security profile or override analysis.
Audit Metadata