Skills
skills/ducter-dev/mis-skills-ai/scrum-master/Gen Agent Trust Hub

scrum-master

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from external project files.
  • Ingestion points: Document files such as docs/prd-*.md, docs/tech-spec-*.md, and docs/architecture-*.md are read into the agent's context during the 'Extract and Inventory' phase in commands/sprint-planning.md.
  • Boundary markers: The instructions do not define delimiters or provide warnings to the agent to ignore instructions embedded within the ingested requirement documents.
  • Capability inventory: The skill utilizes Read, Edit, Write, and TodoWrite tools to perform operations on the local file system and manage progress based on the processed inputs.
  • Sanitization: There is no evidence of validation or sanitization logic to strip potential malicious instructions from the requirements documents before they influence the agent's story creation and planning tasks.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 24, 2026, 08:47 PM
Security Audit — agent-trust-hub — scrum-master