goal-design

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns such as obfuscation, credential harvesting, or direct prompt injection were detected in the skill instructions.
  • [SAFE]: Indirect Prompt Injection Surface. The skill is designed to ingest external data (like tickets or issue descriptions) and restructure them into a detailed prompt template for an autonomous agent. While this pattern creates a surface for indirect prompt injection, it is the primary purpose of the skill.
  • Ingestion points: The skill accepts user-supplied task descriptions, tickets, or issues via the argument-hint field in SKILL.md.
  • Boundary markers: The provided templates do not utilize specific delimiters (e.g., XML tags) or safety instructions to separate untrusted user input from the surrounding prompt logic.
  • Capability inventory: The generated goal prompts suggest capabilities including shell command execution (tests, linting, building), file system modifications, and Git operations (creating branches, pushing code, opening PRs).
  • Sanitization: The skill does not perform any visible sanitization or validation of the input data before incorporating it into the final prompt output.
  • [SAFE]: The skill uses the !command`` syntax (Dynamic Context Injection) in a purely illustrative way within its own documentation or does not use it at all; no dangerous silent execution was found.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 02:26 PM
Security Audit — agent-trust-hub — goal-design