execute-plan
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes verification commands, test suites, and build scripts as defined within implementation plans (e.g., docs/plans/SUMMARY.md). This provides a mechanism to run arbitrary shell commands on the host system.
- [PROMPT_INJECTION]: The skill processes data from implementation plans that act as instructions for the agent, presenting an attack surface for indirect prompt injection.
  - Ingestion points: Plan files and phase definitions located in the docs/plans/ directory (Step 1.1, 1.2).
  - Boundary markers: The skill does not employ explicit delimiters or system instructions to distinguish between plan data and command instructions, nor does it warn the agent to ignore embedded instructions.
  - Capability inventory: Execution of shell commands via verification tasks (Step 2.4) and project-wide validation (Step 3.1), as well as broad file writing capabilities (Step 2.3, 4.2).
  - Sanitization: Only structural sanity checks are performed to ensure objectives and commands are present (Step 1.5); no validation of the command content or intent is performed.
Audit Metadata