Skills
skills/eins78/plot/plot-idea/Gen Agent Trust Hub

plot-idea

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill constructs shell commands using user-supplied input from the title field. This input is placed directly into commands like git commit -m "plot: <title>" and gh pr create --title "Plan: <title>" without sanitization, which could lead to command injection if malicious shell characters are provided.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests data from the project's local environment which may be influenced by external sources.
  • Ingestion points: Reads configuration from CLAUDE.md and file lists from docs/plans/.
  • Boundary markers: Absent; no delimiters or instructions are used to ignore embedded commands in the processed data.
  • Capability inventory: Performs git operations (git fetch, git checkout, git commit, git push), GitHub CLI operations (gh pr create, gh pr edit), and filesystem operations (mkdir, ln, cat, date) within SKILL.md.
  • Sanitization: Absent; configuration values like the project board name are used directly in commands without validation.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 08:55 AM