Skills
skills/fortunto2/solo-factory/solo-plan/Gen Agent Trust Hub

solo-plan

Pass

Audited by Gen Agent Trust Hub on Apr 5, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and processing untrusted project data and existing plan files to influence its planning output.
  • Ingestion points: The skill reads various project files including package.json, pyproject.toml, CLAUDE.md, docs/prd.md, docs/workflow.md, and existing files within docs/plan/ (SKILL.md, Steps 3, 4, 5).
  • Boundary markers: There are no explicit instructions or delimiters used to ensure the agent ignores potential instructions embedded within the ingested codebase files or documentation.
  • Capability inventory: The skill utilizes Write, Edit, and Bash tools to create and modify plan files based on the researched content (SKILL.md, Steps 7, 8, 9).
  • Sanitization: The skill lacks sanitization logic when reading from existing plans and code files, potentially allowing content from those files to steer the generation of new specifications and task lists.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 5, 2026, 09:51 AM