executing-plans
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill instructions involve reading and executing steps from external plan documents.
- Ingestion points: Plan files read during Step 1.
- Boundary markers: Absent in the skill definition.
- Capability inventory: The agent is directed to execute tasks and run verifications based on the plan.
- Sanitization: None specified, though Step 1 requires critical review and human consultation before proceeding.
- [Prompt Injection] (SAFE): No evidence of role-play, bypass markers, or instruction override patterns.
- [Data Exfiltration] (SAFE): No hardcoded credentials or commands for unauthorized data transmission.
- [Remote Code Execution] (SAFE): The skill contains no executable scripts or package installation instructions.
Audit Metadata