Skills
skills/chachamaru127/claude-code-harness/harness-plan/Gen Agent Trust Hub

harness-plan

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses Bash to perform local repository analysis, executing commands like git status, git log, and git diff to synchronize planning documents with implementation state. It also utilizes cat, tail, jq, and grep to read configuration and trace files.
  • [EXTERNAL_DOWNLOADS]: The create subcommand uses the WebSearch tool to conduct technology research and identify architectural patterns based on user requirements during the planning phase.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it processes data from the local repository that could be influenced by external actors.
  • Ingestion points: The skill reads Plans.md, Git metadata via git log, and activity logs from .claude/state/agent-trace.jsonl.
  • Boundary markers: There are no explicit markers or instructions to isolate untrusted data from the agent's internal logic during processing.
  • Capability inventory: The skill has access to Bash, Write, Edit, and WebSearch tools.
  • Sanitization: There is no evidence of sanitization or strict validation of the data ingested from the repository before it influences the agent's actions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 14, 2026, 11:45 AM