executing-plans
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Prompt Injection] (LOW): The skill is susceptible to indirect prompt injection through the 'plan file' it is designed to process.
- Ingestion points: SKILL.md (Step 1: Load and Review Plan) reads content from an external file.
- Boundary markers: None identified. The skill does not define specific markers to isolate plan data from instructions.
- Capability inventory: The skill allows for task execution and verification based on the plan's contents.
- Sanitization: None. The skill instructs the agent to 'follow each step exactly'.
Audit Metadata