feature-validate
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes language-specific quality gate commands such as 'make check', 'pytest', and 'npm test' based on detected project languages.
- [COMMAND_EXECUTION]: The skill uses local platform scripts located at '
/.claude/scripts/feature-state.py' and '/.claude/scripts/learning-db.py' to update feature state and log validation results. - [PROMPT_INJECTION]: The skill processes implementation artifacts and command outputs which presents a risk of indirect prompt injection. (1) Ingestion points: Reads implementation artifacts from '.feature/state/implement/', repository patterns from 'CLAUDE.md', and output from shell-executed test suites. (2) Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore embedded commands within implementation files or test logs. (3) Capability inventory: The skill has access to shell execution via Bash and state management via specialized local scripts. (4) Sanitization: There is no evidence of validation or escaping of ingested data before it is incorporated into validation reports or used to drive state transitions.
Audit Metadata