Skills
skills/duc01226/easyplatform/plan-review/Gen Agent Trust Hub

plan-review

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes a local project script located at .claude/scripts/code_graph to perform dependency analysis and verify plan coverage. It uses subcommands such as query importers_of, connections, and trace to ensure all affected files are accounted for in the implementation plan.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes content from untrusted plan files.\n
  • Ingestion points: Reads plan.md and phase-*.md files (Step 1) to extract requirements and steps.\n
  • Boundary markers: The instructions do not specify the use of delimiters or ignore-instructions to isolate the plan content from the review logic.\n
  • Capability inventory: The skill can execute local scripts via python, create new tasks via TaskCreate, and write report files to plans/reports/.\n
  • Sanitization: No explicit sanitization or validation of the plan content is defined before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 23, 2026, 07:33 AM