plan-writing
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- Indirect Prompt Injection (LOW): Ingestion point: Reads project files via Read, Glob, and Grep tools; Boundary markers: Absent; Capability inventory: Read-only file system access; Sanitization: Absent. The skill acts as a formatter for external data with no side-effect capabilities.
- Tool Access (SAFE): The skill only allows Read, Glob, and Grep tools, which are inherently limited to non-modifying operations.
- Command Execution (SAFE): Shell command examples in the documentation (e.g., npx, curl) are provided as instructional text for agent planning and are not executed by the skill itself.
Audit Metadata