create-plan

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Utilizes the GitHub CLI (gh issue view) to fetch task requirements from external issues. This is a standard operation for the skill's design and targets a well-known service.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests untrusted requirements from GitHub issues to drive plan generation. The requirement-to-step mapping process provides a logical validation layer against malicious instructions.
      • Ingestion points: Requirements are fetched via gh issue view in SKILL.md.
      • Boundary markers: Absent; the agent is directed to extract all content for mapping.
      • Capability inventory: Access to gh tool and todos_oneshot for plan ticket generation.
      • Sanitization: None; relies on structured mapping to ensure compliance with original tasks.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 25, 2026, 11:31 AM