plan
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses a designated tool (mcp__goldfish__plan) to store and retrieve strategic plans. All instructions are focused on legitimate task management and session persistence.
- [PROMPT_INJECTION]: No attempts to override safety guidelines or bypass agent constraints were detected. The instructions are functional guidelines for the agent to maintain high-quality project documentation.
- [DATA_EXFILTRATION]: No sensitive file paths, hardcoded credentials, or unauthorized network operations are present. The skill only interacts with its own memory management tool.
- [INDIRECT_PROMPT_INJECTION]: The skill manages persistent text content, which is an inherent surface for indirect injection; however, as this is the primary purpose of a planning tool and no malicious instructions are present in the skill itself, it is considered safe.
  - Ingestion points: Plan 'content' and 'title' fields within the SKILL.md tool examples.
  - Boundary markers: None explicitly defined within the skill content structure.
  - Capability inventory: Storage and retrieval of planning metadata and task lists.
  - Sanitization: Not implemented at the skill definition level.