lanes-plan
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE NO_CODE PROMPT_INJECTION
Full Analysis
- [No Code] (SAFE): The skill is entirely composed of markdown instructions and ASCII templates. It contains no executable scripts, binaries, or system commands, which significantly reduces the technical attack surface.
- [Indirect Prompt Injection] (LOW): The skill instructs the agent to read and process external project files and conversation history. This creates a surface for indirect prompt injection where malicious instructions embedded in project data could influence agent behavior.
  - (1) Ingestion points: Project task lists, roadmap documents, and recent conversation context.
  - (2) Boundary markers: Absent; there are no instructions to use delimiters or ignore instructions within the ingested data.
  - (3) Capability inventory: This specific skill defines no direct command execution or network capabilities.
  - (4) Sanitization: Absent; no validation or filtering is recommended for external data.
Audit Metadata