blueprint
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The documentation includes installation instructions to clone a repository from an untrusted GitHub account ('antbotlab/blueprint').\n- [DATA_EXFILTRATION]: To function, the skill accesses local project files and codebase metadata. While intended for planning, this involves reading sensitive local data from the environment.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it incorporates external data into its context during the planning phase.\n
- Ingestion points: Local codebase files and user-defined objectives provided via the /blueprint command.\n
- Boundary markers: The skill does not define specific markers or guardrails to isolate ingested content from its own instructions.\n
- Capability inventory: The skill is restricted to information synthesis and markdown generation; it lacks explicit configurations for system-level execution or network operations.\n
- Sanitization: No mechanisms for filtering or sanitizing the input data are specified in the provided instructions.
Audit Metadata