plaid-plan

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Node.js script scripts/validate-vision.js to validate and migrate product vision data stored in vision.json. This is an expected operational step for ensuring data integrity within the project context.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection: it reads user-generated JSON and Markdown files and uses their contents to generate subsequent project documents.
      • Ingestion points: vision.json, docs/product-vision.md, and docs/prd.md.
      • Boundary markers: Not explicitly defined in the intake instructions.
      • Capability inventory: The skill utilizes file system write access to the docs/ directory and executes Node.js commands.
      • Sanitization: While schema validation is performed by a local script, the instructions do not specify sanitization for natural language instructions embedded within the data.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 30, 2026, 09:32 PM