Skills
skills/binjuhor/shadcn-lar/planning/Gen Agent Trust Hub

planning

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
  • DATA_EXFILTRATION (MEDIUM): In references/codebase-understanding.md, the skill explicitly directs the agent to 'Analyze dotenv files and configuration'. Dotenv files frequently contain unencrypted secrets, API keys, and database credentials, posing a significant risk of sensitive data exposure.
  • COMMAND_EXECUTION (MEDIUM): The skill relies on executing several external commands and local scripts:
  • It executes node .claude/scripts/set-active-plan.cjs to manage session state.
  • It uses repomix --remote <github-repo-url> in references/research-phase.md to download and process remote repository content.
  • It uses the gh CLI to read logs, pull requests, and issues.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill has a high surface area for indirect injection as it processes untrusted content from remote repositories and GitHub issues.
  • Ingestion points: Remote GitHub URLs via repomix, GitHub issues/PRs via gh, and external documentation via docs-seeker.
  • Boundary markers: None explicitly defined in the provided instructions to delimit untrusted data.
  • Capability inventory: File system access (reading/writing plans), environment variable modification, and shell command execution.
  • Sanitization: No sanitization or validation of the ingested data is specified before it is used to generate implementation plans.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:13 PM