development-guidelines
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill directs the agent to fetch and rely on external documentation, which constitutes an indirect prompt injection surface.
- Ingestion points: External documentation retrieved from the 'context7' MCP tool or web-search results as specified in SKILL.md.
- Boundary markers: Absent; the instructions lack delimiters or specific directives to ignore embedded instructions within the ingested content.
- Capability inventory: Although the skill is descriptive, the agent utilizing these guidelines is expected to have capabilities such as file system access and shell execution for development tasks.
- Sanitization: The skill does not provide any instructions for validating, escaping, or sanitizing the retrieved documentation before processing it.
Audit Metadata