overdo-plan
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill ingests untrusted markdown files which could contain hidden instructions aimed at influencing the agent's behavior during task creation. Evidence Chain:
  1. Ingestion points: Targeted markdown files read via the tool.
  2. Boundary markers: No explicit delimiters or instructions for the agent to ignore embedded commands within the markdown are specified.
  3. Capability inventory: Uses MCP tools overdo_init, overdo_plan_import, and overdo_task_list.
  4. Sanitization: Structural validation of the task graph and strict whitelisting of gate types (lint, unit, integration, e2e) are enforced before execution.
- Safe Practices (SAFE): The skill follows security best practices by explicitly forbidding shell command execution and requiring specific tool presence before proceeding.
Audit Metadata