implement-local-plan
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE, NO_CODE, PROMPT_INJECTION
Full Analysis
- [SAFE]: No evidence of malicious behavior, data exfiltration, or hardcoded credentials was found in the provided skill.
- [NO_CODE]: The skill is composed entirely of natural language directives for the AI and does not include any scripts, binaries, or package dependencies.
- [PROMPT_INJECTION]: The skill is designed to ingest and act on instructions from files within the .github/plans/ directory, creating a surface for indirect prompt injection.
  1. Ingestion points: .github/plans/ and .github/reports/ files.
  2. Boundary markers: None specified.
  3. Capability inventory: Git commit operations and file system writing.
  4. Sanitization: None identified.
  This behavior is restricted to local project management and is the core purpose of the skill.