create-plan

Warn

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: MEDIUM | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Security Prompt Bypass: The skill instructs the agent to evade platform-level authentication or consent prompts when modifying sensitive directories such as .claude/. It suggests a two-step process: writing to a non-restricted temporary directory (_/) and then using the mv command to move the file to the target restricted location.
  • [COMMAND_EXECUTION]: Automated File System Interaction: The instructions require the use of discovery tools like Explore Agent, Glob, and Grep to read and analyze local source code, which involves executing automated file-system operations.
  • [PROMPT_INJECTION]: Indirect Injection Surface: The skill ingests untrusted user descriptions to generate plans without sanitization or boundary markers.
      • Ingestion points: User task descriptions (SKILL.md).
      • Boundary markers: Absent.
      • Capability inventory: Writing to file system, moving files (mv), and searching files (grep, glob).
      • Sanitization: Absent.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 23, 2026, 11:14 AM