Skills
skills/donchitos/claude-code-game-studios/regression-suite/Gen Agent Trust Hub

regression-suite

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the ingestion of external project data.
  • Ingestion points: The skill reads potentially untrusted content from bug reports (production/qa/bugs/*.md), sprint plans, and design documents (design/gdd/systems-index.md) during the context loading phase (Steps 2c and 2d).
  • Boundary markers: There are no explicit markers or instructions to the agent to treat content from these external files as non-executable data rather than instructions, potentially allowing embedded malicious prompts to influence agent behavior during the audit.
  • Capability inventory: The skill utilizes Read, Glob, Grep, Write, and Edit tools, granting it the ability to modify files in the repository based on the parsed data.
  • Sanitization: No sanitization or validation logic is present to filter or escape instructions found within the bug reports or GDD files before they are processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 8, 2026, 06:28 PM