executing-plans
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains a mandatory announcement phrase: 'Ensure Antigravity is set to Fast Mode'. This pattern of requesting specific 'modes' or persona-based behavior is often associated with attempts to bypass standard operational constraints or safety filters.
- [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection as it processes and follows instructions from untrusted plan files.
- Ingestion points: The process explicitly starts by reading a plan file in Step 1 ('Read plan file').
- Boundary markers: No boundary markers or 'ignore' instructions are present to differentiate between legitimate plan steps and potentially malicious embedded instructions.
- Capability inventory: The skill allows for batch execution of tasks which include file modifications ('Files changed'), test execution, and command running ('Verification output').
- Sanitization: No sanitization or validation logic is applied to the content of the plan file before the agent attempts to 'Follow each step exactly'.
Audit Metadata