executing-plans
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-supplied implementation plans to generate and execute tasks, representing a potential indirect prompt injection surface. * Ingestion points: Implementation plan files (plan.md, _index.md). * Boundary markers: Absent; the skill does not wrap content in delimiters or provide ignore-instruction warnings. * Capability inventory: Task management (TaskCreate, TaskUpdate) and subagent-based code execution. * Sanitization: No evidence of validation, filtering, or sanitization of input plan data.
- [SAFE]: The primary logic and metadata of the skill are legitimate and align with its stated purpose of project management.
- [DATA_EXFILTRATION]: No patterns of unauthorized sensitive file access or network communication to external domains were identified.
- [COMMAND_EXECUTION]: Command usage is restricted to standard task-tracking tools and codebase exploration through Read, Glob, and Grep, which are necessary for the skill's function.
Audit Metadata