plan-archive

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs standard file management operations using shell commands such as ls, mkdir, and mv to organize documentation within the project structure.
  • [PROMPT_INJECTION]: The skill reads implementation details and verification sections from markdown files in the plans/active/ directory. This creates a surface for indirect prompt injection where instructions embedded in these files could attempt to influence the agent's behavior during the archival process.
      • Ingestion points: Markdown files in plans/active/*.md are read using the Read tool in Step 2.
      • Boundary markers: Absent. The skill does not implement delimiters or system-level warnings to distinguish between its own instructions and the content of the plan files.
      • Capability inventory: The agent has access to Bash, Write, and Edit tools, which provide the capability to execute commands or modify files if an injection were successful.
      • Sanitization: None. The content read from the plan files is not validated or sanitized before the agent processes it for verification.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 9, 2026, 02:14 AM