write-milestone-brief
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill performs expected development tasks such as reading and writing project files within the .gsd directory.\n- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it processes untrusted conversation history to generate durable artifacts.\n
- Ingestion points: Untrusted conversation history (SKILL.md)\n
- Boundary markers: Absent; the skill synthesizes the entire conversation without delimiters for external data.\n
- Capability inventory: The skill uses the
writetool for file system modification andmcp__github__issue_writefor external API interaction.\n - Sanitization: Absent; content is synthesized directly from user discussion into output files and issue bodies.
Audit Metadata