plan-writing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill instructs the agent to create and save planning files ({task-slug}.md) directly in the project root based on user-provided task descriptions. While intended for organization, this creates a surface where malicious user input could attempt to influence file naming or content.
  * Ingestion points: User-provided task titles and slugs used for file creation.
  * Boundary markers: None; the instructions do not provide delimiters to isolate user-provided data.
  * Capability inventory: File-system write access for Markdown files and the potential execution of local project-specific scripts (e.g., security_scan.py) as part of verification tasks.
  * Sanitization: None; the skill relies on the underlying agent's default safety guardrails for path validation and content filtering.
Audit Metadata