definition-of-done
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection vulnerability surface.
- Ingestion points: milestones.yaml, business-requirements.yaml, and technical-requirements.yaml.
- Boundary markers: Absent; no instructions provided to distinguish data from commands.
- Capability inventory: File write access (definition-of-done.yaml) and text output generation.
- Sanitization: No validation or escaping of input data is performed.
Audit Metadata