writing-plans
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill consists exclusively of Markdown documentation and templates. There are no executable scripts, binaries, or automated logic components.
- [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection as it processes untrusted user specifications into action plans containing executable commands. 1. Ingestion points: User-provided specifications or requirements referenced in the overview. 2. Boundary markers: Absent; there are no guidelines provided to delimit user input or instruct the agent to ignore embedded instructions. 3. Capability inventory: The skill facilitates the creation of files and the generation of shell commands (pytest, git) that are subsequently handed off to other sub-skills for execution. 4. Sanitization: Absent; the skill lacks mechanisms to validate or escape the user-provided specification content.
Audit Metadata