backlog-as-code
Pass
Audited by Gen Agent Trust Hub on Jul 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified in the skill metadata or instructions. The skill is designed for local file operations and does not require network access, external dependencies, or elevated privileges.
- [PROMPT_INJECTION]: An indirect prompt injection surface is present as the skill processes content from the local file docs/BACKLOG.md. 1. Ingestion points: The skill reads from docs/BACKLOG.md during /backlog-list and /backlog-update operations. 2. Boundary markers: No delimiters or explicit instructions to ignore embedded commands are specified. 3. Capability inventory: The skill has the capability to write and append to the local docs/BACKLOG.md file. 4. Sanitization: No input validation or content sanitization is described in the skill definition.
Audit Metadata