create-user-stories
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a document generator that operates within a confined local directory (.chalk/docs/product/) and uses standard tools for reading and writing markdown files.
- [DATA_EXFILTRATION]: No network tools are enabled, and no exfiltration patterns or external URLs were detected.
- [REMOTE_CODE_EXECUTION]: No remote code patterns, package installations, or script execution triggers were found in the workflow.
- [PROMPT_INJECTION]: Instructions follow a task-oriented structure without attempts to bypass filters. The skill processes documentation (Ingestion points: Product Profile and PRD files in .chalk/docs/product/; Boundary markers: Absent; Capability inventory: Read, Glob, Grep, and Write tools; Sanitization: Absent) but lacks the capability to exploit this surface for malicious behavior.
Audit Metadata