Skills
skills/autumnsgrove/groveengine/squirrel-plan/Gen Agent Trust Hub

squirrel-plan

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it ingests untrusted data from external sources.
  • Ingestion points: The skill reads data from git logs and GitHub issue lists using the gw and gh CLI tools in SKILL.md.
  • Boundary markers: No explicit delimiters or instructions to ignore embedded prompts are present in the command logic to separate user data from agent instructions.
  • Capability inventory: The skill has the capability to write to the user's environment by creating new GitHub issues via gw gh issue create in SKILL.md.
  • Sanitization: There is no evidence of sanitization, validation, or filtering of the external data before it is incorporated into the agent's planning context.
  • [COMMAND_EXECUTION]: The skill executes local commands to interact with version control and project management tools.
  • Evidence: Uses gw git log, gw gh issue list, and gw gh issue create to manage project data.
  • Context: These commands are fundamental to the skill's intended purpose and follow standard CLI automation patterns for developer tools.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 18, 2026, 06:13 AM