project-blueprint-agent

Name: project-blueprint-agent
Author: zzhqqa478850-lang

Share on X Share on LinkedIn Share on Bluesky

40Medium

The skill lacks proper input validation, allowing arbitrary string injection into project rules that can override legitimate architectural constraints and compromise the agent's operational integrity.

ThreatsCI SM CS BC S HITL

Threat Analysis

AI Agent Traps ↗Scanned 6/22/2026

Content InjectionPerceptionclean

Semantic ManipulationReasoningclean

Cognitive StateMemory & Learning1 finding

Behavioural ControlActionclean

SystemicMulti-Agent Dynamicsclean

Human-in-the-LoopHuman Overseerclean

Skill Info

Namezzhqqa478850-lang/project-blueprint-agent

Registrygithub

Versionbc5cd95eebf0

PURLpkg:github/zzhqqa478850-lang/project-blueprint-agent@bc5cd95eebf0

Stars1

Source

Repository ↗SKILL.md ↗

Install

This skill has findings worth reviewing before installing.

GitHub

Skills.shDocs

npx skills add https://github.com/zzhqqa478850-lang/project-blueprint-agent

Assessments (2)

AI Agent Traps ↗

Implicit Memory Poisoning via Dynamic Rulesmediummemory poisoningAML.T0020AML.T0070LLM04:2025LLM08:2025

The instruction to 'immediately save' any new architectural constraint via `--add-rule` allows the agent to persist arbitrary strings into the tool's state, which could be used to inject malicious constraints or override legitimate project rules.

80% confidence

YOU MUST immediately save it by running python -m project_blueprint --add-rule "<your_rule>"

Missing usage exampleslowpolicy violation

Skill body contains no code blocks or usage examples, making it harder for users to evaluate.

100% confidence

Missing licenseinfopolicy violation

Skill does not specify a license field. Specifying a license helps users understand usage terms.

100% confidence

Badge

Markdown

[![Mondoo Skill Check](https://mondoo.com/ai-agent-security/api/badge/github/zzhqqa478850-lang/project-blueprint-agent.svg)](https://mondoo.com/ai-agent-security/skills/github/zzhqqa478850-lang/project-blueprint-agent)

HTML

<a href="https://mondoo.com/ai-agent-security/skills/github/zzhqqa478850-lang/project-blueprint-agent"><img src="https://mondoo.com/ai-agent-security/api/badge/github/zzhqqa478850-lang/project-blueprint-agent.svg" alt="Mondoo Skill Check" /></a>

Image URL

https://mondoo.com/ai-agent-security/api/badge/github/zzhqqa478850-lang/project-blueprint-agent.svg

Secure your AI agents

Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.

Continuous scanning of skills across all registries
Policy enforcement before skills reach your agents
Integration with your existing security workflow