diverse-plan
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill's architecture involves gathering and processing external data, which creates a surface for indirect prompt injection.\n- Ingestion points: Context is gathered from user requests and file contents using Glob, Grep, and Read tools in Phase 0 of the workflow (SKILL.md).\n- Boundary markers: The instructions lack defined delimiters or explicit 'ignore embedded instruction' warnings to isolate the gathered data from the agents' core prompts.\n- Capability inventory: The skill dispatches sub-agents via the Agent tool and recommends the use of file-writing tools such as
superpowers:executing-plansfor plan implementation.\n- Sanitization: No validation or sanitization requirements are specified for content extracted from the codebase or provided by the user before it is interpolated into agent instructions.
Audit Metadata