create-plan
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: An indirect prompt injection surface exists because the skill directs the agent to ingest and analyze arbitrary codebase files. This risk is common to all code-analysis tools.
  - Ingestion points: Reading of all related files for context (SKILL.md).
  - Boundary markers: None specified to delimit ingested code.
  - Capability inventory: Uses the EnterPlanMode tool and file access.
  - Sanitization: No specific filtering of ingested code content is mentioned.