plot-sprint
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes Git commands (`git add`, `git commit`, `git push`, `git rm`) to manage files within the `docs/sprints/` and `docs/plans/` directories. This is the primary function of the skill, facilitating a workflow where sprint coordination artifacts are committed directly to the main branch.
- [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection by reading and parsing untrusted data from local repository files.
  - Ingestion points: Reads sprint definitions, goals, and task lists from `docs/sprints/*.md` and `docs/plans/active/*.md`.
  - Boundary markers: None identified; the skill parses Markdown checkbox states and HTML comment annotations (e.g., `<!-- pr: #N ... -->`) directly from the files.
  - Capability inventory: Limited to directory creation (`mkdir`), symbolic link management (`ln -s`), and Git operations within the project scope.
  - Sanitization: The skill validates the format of the sprint slug (lowercase, hyphens) but does not sanitize the text of sprint goals or task descriptions before processing them.
Audit Metadata