create-plan
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
Full Analysis
- [Indirect Prompt Injection] (INFO): The skill has an ingestion surface for untrusted data by reading project files like
README.mdand codebase documentation. However, its capabilities are restricted to generating a text-based plan using a rigid template. It is explicitly commanded to operate in read-only mode and not to write or update files, mitigating risks of side effects from malicious content in the files it reads. - [Data Exposure] (LOW): The skill accesses local project context and documentation to perform its function. Because the skill lacks network access and is restricted to producing a markdown plan for the user, there is no risk of data exfiltration.
- [Command Execution] (SAFE): The instructions explicitly forbid writing files or executing code snippets, ensuring the skill remains a low-privilege informational tool.
Audit Metadata