skill-planner
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- [SAFE]: The skill performs routine project management tasks, such as updating task status in 'specs/state.json' and 'TODO.md', which are consistent with its described purpose.
- [COMMAND_EXECUTION]: Executes Bash commands to manage local files and directories (mkdir, rm, cat). It uses jq for parsing and updating local state files, adhering to safe argument handling for metadata updates.
- [REMOTE_CODE_EXECUTION]: Uses the Task tool to delegate planning logic to a 'planner-agent' subagent. This is an internal architectural pattern for task decomposition and does not involve downloading or executing untrusted code from external sources.
Audit Metadata