Skills
skills/duc01226/easyplatform/plan-ci/Gen Agent Trust Hub

plan-ci

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from GitHub Actions logs.\n
  • Ingestion points: The agent fetches and reads GitHub Actions logs provided via the $ARGUMENTS URL.\n
  • Boundary markers: There are no explicit instructions or delimiters (e.g., XML tags or clear 'ignore embedded instructions' markers) to help the agent distinguish between log data and instructions.\n
  • Capability inventory: The skill uses a planner subagent, can read local protocol files (e.g., .claude/skills/shared/evidence-based-reasoning-protocol.md), and has the authority to activate other skills from the catalog dynamically.\n
  • Sanitization: No sanitization or validation of the log content is performed before analysis.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 27, 2026, 06:11 AM