drafts
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-provided architectural ideas and writes them into draft files, which creates a surface for indirect prompt injection where malicious instructions in the input could influence the draft content or subsequent agent actions.
- Ingestion points: Reads user-supplied ideas and context to generate drafts.
- Boundary markers: Absent. The skill does not define delimiters or provide instructions to ignore embedded commands within the input text.
- Capability inventory: Performs file system write operations to the
.agents/draftsdirectory and executes theEnterPlanModetool. - Sanitization: Absent. The skill does not specify any validation or sanitization for the content being processed and written.
Audit Metadata