task-decomposition

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to ingest and process technical design documents from the design-docs/ directory.
      • Ingestion points: Technical design files located in the design-docs/ directory.
      • Boundary markers: There are no explicit instructions or delimiters defined to prevent the agent from following instructions embedded within the technical design documents.
      • Capability inventory: The skill can write files to the local filesystem (design-docs/) and interact with external task tracking systems via the task-creation skill.
      • Sanitization: The skill does not implement sanitization or validation of the input data before incorporating it into the decomposition process.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 04:45 AM
Security Audit — agent-trust-hub — task-decomposition