test-spec
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it is instructed to read and process data from multiple project files (e.g., docs/PRD.md, docs/UX_SPEC.md). An attacker with write access to these source files could include instructions intended to influence the generated output in docs/TEST_SPEC.md.
- Ingestion points: File reads from the docs/ directory.
- Capability inventory: The agent is permitted to use Read, Write, Glob, Grep, and AskUserQuestion tools.
- Boundary markers: The instructions do not define clear delimiters or specify that embedded instructions in source files should be ignored.
- Sanitization: There is no explicit requirement for the agent to sanitize or validate the content of the documentation before generating the test specification.
Audit Metadata