014-agile-user-story
Pass
Audited by Gen Agent Trust Hub on Jul 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill follows best practices by using structured questions and enforcing boundaries on how user-provided data is interpreted.
- [PROMPT_INJECTION]: The skill incorporates robust defenses against indirect prompt injection. Ingestion points: User answers to the questionnaire in the reference file. Boundary markers: Present; the agent is explicitly instructed to treat responses as structured story data and ignore embedded instructions. Capability inventory: No high-risk capabilities such as code execution or network access are utilized. Sanitization: Users are required to provide sanitized summaries of any external content.
- [DATA_EXFILTRATION]: The skill does not perform network operations or access sensitive local files or environment variables.
- [REMOTE_CODE_EXECUTION]: No patterns of remote code download or execution were identified in the skill instructions or scripts.
Audit Metadata