Skills
skills/hoangvantuan/claude-plugin/planning-content/Gen Agent Trust Hub

planning-content

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses tools like WebFetch and WebSearch to retrieve content from external URLs provided by the user during the research phase.
  • [COMMAND_EXECUTION]: The skill performs automated file system operations to create and write multiple Markdown files (index, research, content maps, and outlines) within the local workspace directory.
  • [PROMPT_INJECTION]: Indirect Prompt Injection vulnerability surface detected.
  • Ingestion points: Untrusted data enters the agent context through URLs and local files as described in Phase 1 and Phase 3.
  • Boundary markers: Absent. The instructions do not define delimiters or provide specific warnings to the agent to ignore instructions embedded within the processed materials.
  • Capability inventory: The agent is authorized to create and modify files on the local disk and perform network queries via WebSearch.
  • Sanitization: Absent. The skill does not implement validation or filtering for the content extracted from external sources.
Audit Metadata
Risk Level
SAFE
Analyzed
May 1, 2026, 03:03 PM