project-planner
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No instructions were found that attempt to bypass safety guidelines, override system behavior, or extract system prompts. The instructions are focused on project state detection logic.
- [DATA_EXFILTRATION]: No network operations, external requests, or hardcoded credentials were identified. The skill only references local project files and git metadata relevant to its purpose.
- [COMMAND_EXECUTION]: While the skill mentions git commands like
git logandgit status, these are used within the context of detection logic to suggest actions to the user rather than executing arbitrary or unauthorized shell commands. - [INDIRECT_PROMPT_INJECTION]: The skill ingests data from untrusted sources such as
docs/PLAN.mdand git commit messages. However, there are no capabilities in the skill that would allow these inputs to trigger dangerous actions like code execution or network requests. The scope is limited to suggesting predefined session commands. - [SAFE]: The skill's behavior matches its stated purpose as a project planning awareness layer. Its use of project metadata is legitimate and restricted to the repository context.
Audit Metadata