skills/eyh0602/dev-skills/implement/Gen Agent Trust Hub

implement

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill operates on instructions extracted from external plan files, which constitutes an indirect prompt injection surface. Ingestion points: Markdown plan files (.md) provided as arguments or located via git history and repository searches in SKILL.md. Boundary markers: The workflow extracts text between task headings and passes it directly to subagents without specific isolation markers. Capability inventory: Subagents possess the ability to modify the filesystem, execute tests, and perform git operations including commits and pull requests. Sanitization: The skill mitigates risks through a process-based control that checks for engineering review markers (e.g., GSTACK REVIEW REPORT) within the plan file, though it allows for a user-confirmed override.
  • [SAFE]: The skill follows secure development practices by enforcing a core loop that requires both specification compliance and code quality reviews for every task. This multi-stage verification process, combined with traceability in git history, ensures that automated changes are deliberate and verified against the intended design.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 10:54 PM
Security Audit — agent-trust-hub — implement