cc-feat
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill incorporates a comprehensive internal security audit phase (S1-S5) triggered by sensitive keywords and behaviors, ensuring that generated code is reviewed for authentication, input validation, and data handling issues.
- [COMMAND_EXECUTION]: Local utilities such as `grep`, `read-yaml`, and `validate-yaml` are used to manage project state and verify compliance with architectural roadmaps.
- [PROMPT_INJECTION]: The skill processes untrusted input from external requirement and architecture documents, which constitutes an indirect prompt injection surface.
  - Ingestion points: Requirements (REQ), architecture (ARCH) documents, and items.yaml files are read into the agent's context during the design and implementation phases.
  - Boundary markers: There are no explicit instructions or delimiters defined to isolate the content of these external documents from the skill's operational instructions.
  - Capability inventory: The skill has the ability to write source code and execute local scripts like `review-generate.mjs`.
  - Sanitization: No explicit content filtering is performed on ingested technical documents prior to their use in code generation, although the output code is subject to a secondary internal audit.
Audit Metadata