octocode-plan
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it processes research findings and external data to generate actionable implementation plans.
  - Ingestion points: External data retrieved through the octocode-researcher skill and project-specific metadata from .octocode/context/context.md.
  - Boundary markers: The skill uses explicit 'Gate Checks' and 'Triple Lock' approvals, requiring human confirmation before writing files or proceeding to implementation.
  - Capability inventory: The agent is authorized to read and write to the local file system and execute build and test scripts using package managers like npm and yarn.
  - Sanitization: The agent is instructed to summarize research and plans for the user to review and approve before any changes are finalized.
- [COMMAND_EXECUTION]: The skill invokes local shell commands to verify code integrity during the verification phase.
  - Evidence: Instructions in Phase 4 specify the execution of npm run build, yarn build, npm run lint, and npm test to ensure project health after changes.
Audit Metadata