epic-plan
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from local analysis files and user input to generate commands and instructions for subsequent agent actions. This creates an attack surface where a maliciously crafted analysis file could influence the agent's behavior in future sessions or when invoking tools.
- Ingestion points:
docs/epic/{project-name}/analysis.mdand$ARGUMENTS. - Boundary markers: Absent. The skill does not use delimiters or instructions to ignore embedded commands within the ingested data.
- Capability inventory: The skill performs file system reads and writes, and generates invocations for the
/workflow-analyzetool. - Sanitization: No validation or sanitization is performed on the content of the analysis files before processing.
Audit Metadata