executing-plans
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill processes implementation plans from
docs/plans/which could contain malicious instructions if the files are influenced by an untrusted source. - Ingestion points: Reads plan files from the
docs/plans/directory (SKILL.md). - Boundary markers: Includes a mandatory critical review step where the agent must raise concerns with a human partner before execution (SKILL.md).
- Capability inventory: The agent is instructed to 'Follow each step exactly' and 'Run verifications', implying general task execution capabilities (SKILL.md).
- Sanitization: No automated sanitization is present; reliance is placed on manual human review.
- [NO_CODE]: This skill consists entirely of markdown instructions and does not include any executable scripts or binary files.
Audit Metadata