backlog-templates
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFE
Full Analysis
- Standardized Template Structure: The skill defines HTML and Markdown skeletons for ADO and GitHub work items. These templates use standard placeholders for domain-specific information, ensuring consistency across different planning agents.
- Content Sanitization Protocol: It establishes a clear protocol for cleaning data before it is emitted to external systems. This includes:
  - Replacing local tracking directory paths with generic descriptive phrases.
  - Converting absolute file system paths to workspace-relative references to avoid leaking host-specific directory structures.
  - Explicitly removing embedded state JSON files while preserving verifiable standards identifiers like OWASP or NIST IDs.
- Human-in-the-Loop Governance: The skill defines three autonomy tiers (manual, supervised, autonomous) and mandates the placement of a disclaimer block in every artifact. This ensures that users are aware the content was AI-assisted and requires review by a qualified professional.
- Indirect Prompt Injection Surface: While the skill processes external data via template interpolation, it includes specific sanitization rules and human-review checkpoints as a primary mitigation strategy against potential data poisoning.
Audit Metadata