executing-plans
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified in the skill's logic, instructions, or metadata.
- [COMMAND_EXECUTION]: Uses common shell commands (`mkdir`, `mv`) to manage the lifecycle of plan files within the project's documentation directory. These operations are scoped to project management and do not pose a privilege escalation risk.
- [PROMPT_INJECTION]: The skill is designed to process external implementation plans, representing an indirect prompt injection surface (Category 8).
  - Ingestion points: Reads implementation plan files from `docs/exec-plans/active/` as seen in SKILL.md.
  - Boundary markers: None explicitly defined for file content, though the skill requires the agent to 'review critically' and raise concerns before starting.
  - Capability inventory: Basic file system operations (`mkdir`, `mv`) in SKILL.md.
  - Sanitization: None.

  The risk is mitigated by the design requiring batch execution with explicit checkpoints for human feedback between steps.
Audit Metadata