vibe-techdesign
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting content from user-provided files in the project directory.
- Ingestion points: The skill reads docs/PRD-.md and docs/research-.md files for architectural context.
- Boundary markers: No delimiters or specific instructions to ignore embedded directives are present for processed content.
- Capability inventory: The skill has access to Read, Write, Glob, Grep, and WebSearch tools.
- Sanitization: No evidence of file content validation or sanitization before processing.
Audit Metadata