task-planning
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill includes a dedicated module (modules/tech-stack-patterns.md) that promotes security best practices by providing comprehensive lists of sensitive files and directories (such as .env, .aws/, and .pem keys) to be excluded from version control systems.
- [PROMPT_INJECTION]: No direct malicious prompt injection patterns, such as instructions to ignore safety guidelines or reveal system prompts, were detected in the skill's source files.
- [COMMAND_EXECUTION]: The skill's documentation mentions command-line tools like uv, pytest, and mypy. These are referenced solely for project setup and verification examples and do not represent automated or unsafe execution by the agent.
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface (Category 8):
  - Ingestion points: The skill processes specifications and implementation plans to generate tasks (referenced in SKILL.md).
  - Boundary markers: Absent. There are no defined delimiters or instructions for the agent to ignore potentially malicious embedded content within the ingested specifications.
  - Capability inventory: The skill defines a planning workflow and lists superpowers:executing-plans as a dependency, suggesting that the generated tasks are intended for downstream execution.
  - Sanitization: Absent. The skill does not provide mechanisms to sanitize or validate the content of specifications before task generation.
Audit Metadata