tool-design-sprint-prototype-plan
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is instructional and document-centric. No malicious code, obfuscated content, or dangerous system commands were detected across the provided files. References to external sources point to well-known and trusted design sprint resources.
- [PROMPT_INJECTION]: The skill ingests untrusted external data (storyboard, sprint questions), which constitutes a surface for indirect prompt injection. However, the risk is minimal because the skill's capabilities are limited to text generation.
- Ingestion points: storyboard, sprint questions, and founding hypothesis (SKILL.md).
- Boundary markers: None identified; the instructions do not include delimiters or warnings to ignore instructions embedded in the inputs.
- Capability inventory: Pure text generation for planning artifacts (SKILL.md, references/TEMPLATE.md). No tool use, network operations, or code execution are described.
- Sanitization: None; input data is processed directly as text.
Audit Metadata