sprint-plan

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Finding categories: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection surface identified in the ingestion of project documentation.
      • Ingestion points: Reads files from production/milestones/, production/sprints/, design/gdd/, and production/risk-register/ (SKILL.md).
      • Boundary markers: Missing; the agent interpolates external document content directly into its reasoning process.
      • Capability inventory: Includes Write, Edit, and the Task tool for spawning sub-agents (SKILL.md).
      • Sanitization: None; external text is not validated or escaped before processing.
  • [COMMAND_EXECUTION]: Execution of shell commands via dynamic context injection at load time.
      • Evidence: !ls production/sprints/ 2>/dev/null in the frontmatter context field.
      • Analysis: Used for benign discovery of existing sprint files to populate the agent's context. Does not include user-controllable arguments.
  • [COMMAND_EXECUTION]: Utilization of the Task tool for agent-to-agent delegation.
      • Evidence: Spawns a producer agent using the PR-SPRINT gate (Phase 4).
      • Analysis: Standard multi-agent orchestration pattern for reviewing project feasibility.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 15, 2026, 12:16 AM
Security Audit — agent-trust-hub — sprint-plan