deepen-plan-beta

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it ingests and processes untrusted implementation plan files.
  • Ingestion points: The skill reads a plan file from a path provided via the 'plan_path' argument in 'SKILL.md'.
  • Boundary markers: The skill lacks explicit instructions or delimiters to treat the content of the plan file as untrusted data or to ignore any embedded instructions within it.
  • Capability inventory: The skill has the capability to read from and write to the local filesystem (updating the plan file) and can invoke multiple other specialized agents (e.g., 'security-sentinel', 'architecture-strategist') based on the content of the plan.
  • Sanitization: There is no evidence of sanitization, validation, or escaping of the content ingested from the plan file before it is used to drive the workflow or passed to other agents.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 22, 2026, 11:26 PM