skills/fwehrling/forge/forge-plan/Gen Agent Trust Hub

forge-plan

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes project-specific documentation, creating a surface for indirect prompt injection. This is inherent to the skill's primary function of PRD generation.
      • Ingestion points: The skill reads content from documentation files docs/analysis.md and docs/prd.md.
      • Boundary markers: No specific delimiters or instructions are used to isolate or ignore potentially malicious content from these files.
      • Capability inventory: The skill executes forge-memory CLI commands and performs file write operations to docs/prd.md.
      • Sanitization: Content from the ingested files is processed without validation or sanitization.
  • [COMMAND_EXECUTION]: The skill executes the forge-memory utility (search, log, consolidate, sync) for state management and logging. These commands are local to the Forge environment provided by the author and represent standard functionality.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 8, 2026, 06:46 PM