executing-plans
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides procedural guidance for software development workflows and does not contain any executable code or malicious commands.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection (Category 8) because it reads and executes instructions from external implementation plans.
- Ingestion points: Step 1 (Read plan file).
- Boundary markers: Absent; the skill does not use specific delimiters to isolate plan content.
- Capability inventory: The skill enables the agent to perform task implementation and verification, which typically involves file system modifications and CLI command execution.
- Sanitization: The skill includes a manual mitigation by requiring the agent to "review critically" and raise concerns with a human partner before execution.
Audit Metadata