clarify
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill maintains an indirect prompt injection surface as it ingests untrusted data from the codebase and user input for processing by subagents.
  - Ingestion points: `SKILL.md` (Core Loop, step 4: 'Explore instead of asking' and step 5: 'Record immediately').
  - Boundary markers: There are no explicit instructions to use delimiters or ignore embedded instructions when passing the `qa-log.md` to the 'clarity-auditor' subagent.
  - Capability inventory: The skill has access to potentially powerful tools including `Bash`, `Read`, `Write`, and `Edit`.
  - Sanitization: The skill does not define specific sanitization or filtering logic for the content read from the codebase or provided by the user.
Audit Metadata