research-to-plan
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill uses trusted tools (Firecrawl) and references well-known documentation domains (e.g., react.dev, nextjs.org) for its research phase. Orchestration is handled through standard agent team and task management operations.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting external data from documentation websites into a knowledge base.\n
- Ingestion points: The
firecrawl:crawlandfirecrawl:maptools inSKILL.mdfetch content from external URLs.\n - Boundary markers: No specific delimiters or instructions to ignore embedded commands within the crawled content are defined.\n
- Capability inventory: The skill can perform file system writes (saving design and implementation plans to
docs/plans/) and manage agent teams and tasks.\n - Sanitization: No explicit sanitization or filtering of the content retrieved via Firecrawl is specified before it is used for design augmentation.
Audit Metadata