creating-user-stories
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to process untrusted source documents such as product specifications and meeting notes. While it does not define explicit boundary markers for these inputs, the instructions enforce a rigid "one-action-one-benefit" grammar for outputs and mandate human verification. These constraints, combined with the lack of sensitive system access, effectively mitigate the risk of indirect prompt injection.
- [COMMAND_EXECUTION]: The skill utilizes Notion MCP tools for fetching and updating documents. It provides clear technical guidance for managing content updates safely in shared environments and handling platform-specific constraints like block-anchor linking. These operations are strictly limited to the skill's intended purpose of document maintenance and do not involve arbitrary shell commands or unauthorized network requests.
Audit Metadata