writing-plans
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface.
  - Ingestion points: User-provided 'spec or requirements' (SKILL.md).
  - Boundary markers: Absent; the skill lacks explicit instructions to ignore or isolate malicious directives that might be embedded within the provided requirements.
  - Capability inventory: Generates Python code, file modifications, and shell commands (e.g., pytest, git) intended for execution by subsequent tools and sub-skills like executing-plans and subagent-driven-development (SKILL.md).
  - Sanitization: Absent; user requirements are processed and incorporated into implementation plans without escaping or validation logic.
Audit Metadata