plan
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides a structured framework for task planning, emphasizing analysis, iterative quality checks, and mandatory user collaboration. It explicitly prohibits implementation and tool-based plan mode activation.
- [PROMPT_INJECTION]: The skill acts as a router that transforms user input into enhanced prompts for sub-skills, representing an indirect injection surface.
  - Ingestion points: Untrusted user input enters the workflow via the `$ARGUMENTS` variable in `SKILL.md`.
  - Boundary markers: The input is encapsulated within `<task>` XML tags to provide structural separation.
  - Capability inventory: The skill uses `TaskCreate` for task orchestration, `AskUserQuestion` for validation, and mentions `WebSearch` and `WebFetch` for research.
  - Sanitization: The skill does not perform string sanitization but mitigates risk through explicit instructions for the agent to analyze the input and verify assumptions with the user before proceeding.
Audit Metadata