plan-reduce-max-lines-per-function
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill uses the Bash tool to run bun run lint, which executes local project scripts and relies on the security of the local build configuration.
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface identified in Step 2 where lint output is passed into a brief for planning.
  1. Ingestion points: Output from the bun run lint command.
  2. Boundary markers: None used when constructing the brief for the /plan-create tool.
  3. Capability inventory: Uses Bash and /plan-create to generate tasks.
  4. Sanitization: None. Data such as file paths or function names is not sanitized before interpolation into a new prompt.
Audit Metadata