project-planning
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
Full Analysis
- [SAFE] (SAFE): No malicious patterns, prompt injection, or data exfiltration vectors were identified in the analyzed files.
- [Category 8: Indirect Prompt Injection] (LOW): The skill provides templates for generating project plans based on user input. While the generated output depends on user-provided descriptions, the skill itself lacks executable capabilities (e.g., file system writes, network requests, or subprocess execution), limiting the impact to local reasoning influence only.
- [Category 4: Unverifiable Dependencies] (SAFE): The templates mention various common libraries (React, Tailwind, Hono, Clerk) within documentation examples, but the skill does not include any dependency manifests (package.json, requirements.txt) that would trigger automated installations or remote code downloads.
- [Category 2: Data Exposure] (SAFE): The templates include placeholders for authentication tokens (e.g., '<jwt_token>', 'YOUR_JWT_TOKEN') and test key prefixes ('pk_test_...'). No actual hardcoded secrets or sensitive configuration data were found.
Audit Metadata