dev-plan

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local helper scripts (scripts/discover.sh and scripts/validate.sh) via the Bash tool to perform project root discovery and feature name normalization. These scripts are strictly scoped to internal logic.
  • [EXTERNAL_DOWNLOADS]: The specialized agents (prd-researcher and prd-planner) are configured with WebFetch and WebSearch tools to allow the agent to gather external architectural patterns or documentation during the research phase.
  • [SAFE]: The skill includes robust security guidelines, such as the use of scripts/validate.sh to prevent path traversal and enforce safe slug naming for directories. It also explicitly instructs the agent to use placeholders for secrets and relative paths to avoid exposing absolute directory structures or credentials.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 26, 2026, 10:52 PM