write-plan-doc
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill incorporates content from potentially untrusted source files (e.g., research.md) into generated documents, creating an indirect prompt injection vulnerability. \n
- Ingestion points: research.md and other local project files used for planning. \n
- Boundary markers: The instructions do not specify any delimiters or ignore-directives for external content. \n
- Capability inventory: The skill performs file system write operations to save plans in the 'thoughts/' directory. \n
- Sanitization: There is no evidence of validation, escaping, or filtering of the ingested research content before it is interpolated into the generated document.\n- [SAFE]: File operations are confined to project-specific subdirectories, and no network exfiltration or credential leakage patterns were identified.
Audit Metadata