gsd-plan-checker

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute shell commands such as find, cat, grep, and sed. These commands are used to discover and parse PLAN.md files located in the .planning/phases directory.
  • [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection through its data processing workflow. (1) Ingestion points: The skill reads content from multiple PLAN.md files. (2) Boundary markers: No explicit delimiters or 'ignore-instructions' markers are used to isolate the ingested plan data. (3) Capability inventory: The agent uses Read and Bash tools to analyze plans and write a verification report to the file system. (4) Sanitization: There is no logic present to sanitize or escape the content of the plan files before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 12:50 PM