writing-plans
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest untrusted data in the form of 'specs' or 'requirements' and transform them into actionable implementation plans.
  - Ingestion points: User-provided task specifications (SKILL.md).
  - Boundary markers: The skill lacks explicit markers or instructions to isolate or ignore embedded commands within the input specs.
  - Capability inventory: The skill produces output containing file-write operations and shell commands (SKILL.md).
  - Sanitization: No input validation or escaping mechanisms are specified.
- [No Code Content] (SAFE): The skill consists exclusively of instructional markdown and YAML metadata. It does not ship with any Python, JavaScript, or binary files, which mitigates many common attack vectors associated with malicious scripts.