writing-plans
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill provides a standard template for development workflows. No malicious patterns, obfuscation, or unauthorized access attempts were detected.
- [COMMAND_EXECUTION]: The skill includes instructions to generate shell commands for
pytestandgit, which are necessary for the described development process. - [INDIRECT_PROMPT_INJECTION]: The skill processes user-provided specifications to generate executable plans, which constitutes an attack surface. Ingestion points: Untrusted data enters the context through user-provided specifications or requirements (referenced in the
description). Boundary markers: The skill does not explicitly define delimiters for the input specifications. Capability inventory: The skill allows for file creation (withindocs/plans/), Python code generation, and shell command generation (pytest,git). Sanitization: There is no evidence of input validation or sanitization for the provided specifications.
Audit Metadata