planning
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious code, obfuscation, or data exfiltration patterns were found. The skill is purely instructional and defines a document format.
- [Indirect Prompt Injection] (LOW): The skill identifies a surface for indirect injection as it processes user-provided specs to create plans. 1. Ingestion points: User-provided requirements or specs. 2. Boundary markers: Absent; instructions do not specify delimiters for input data. 3. Capability inventory: Writing markdown files to disk, generating Python code, and suggesting git/pytest commands. 4. Sanitization: Absent.
- [Dynamic Execution] (LOW): The skill guides the agent to generate code and shell commands based on user input. This is considered low risk as it serves the primary purpose of documentation and plan generation within a template.
Audit Metadata