gsp-scope-profile
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests user-controlled project documentation (project-state.md, requirements.md, quality-target.md) into the agent's context, which creates an indirect prompt injection surface.
- Ingestion points: project-state.md, requirements.md, and quality-target.md.
- Boundary markers: Absent.
- Capability inventory: Reads local documentation files and writes results to docs/game-studio/scope-profile.md.
- Sanitization: Absent.
Audit Metadata