writing-plans
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- Prompt Injection (SAFE): No instructions designed to bypass safety filters or override system constraints were identified. The skill focuses on structured task planning.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials or access to sensitive local files (e.g., .ssh, .env) were detected. File writing is restricted to a dedicated documentation directory (docs/plans/).
- Unverifiable Dependencies (SAFE): The skill does not download external packages or execute remote scripts. All referenced components are internal sub-skills.
- Indirect Prompt Injection (LOW): The skill processes external 'specs or requirements' to generate plans. While this creates a vulnerability surface for processing untrusted data, the mandatory TDD structure and granular task requirements act as functional constraints against arbitrary command execution.
- Persistence Mechanisms (SAFE): No attempts to modify shell profiles, cron jobs, or system services were found.
Audit Metadata