plan-reduce-max-lines
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill ingests user input via the $ARGUMENTS variable and interpolates it into a structured brief that is subsequently passed to another agent via the /plan-execute tool. This creates a multi-step chain surface where malicious input could attempt to influence the logic or tasks of the downstream planning agent.
- Ingestion points: $ARGUMENTS (User/Agent input).
- Boundary markers: Absent.
- Capability inventory: Bash (used for local linting), delegation to /plan-execute.
- Sanitization: No input validation or escaping is performed before interpolation into the brief.
Audit Metadata