pst-plan
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses `ls -R tests/` to discover the project's test directory structure. This is a routine discovery operation for development tools.
- [DATA_EXPOSURE]: Accesses project configuration files like `package.json` and `playwright.config.ts` to extract environment details (versions, timeouts, base URLs) necessary for generating accurate test plans.
- [PROMPT_INJECTION]: The skill has an attack surface for Indirect Prompt Injection (Category 8) because it processes data from `insights.md`, which could contain malicious instructions designed to influence the generated code blocks.
  - Ingestion points: `.pst/sessions/[name]/insights.md` and `.pst/sessions/[name]/snapshots/`.
  - Boundary markers: Absent. The skill reads and processes these files directly without using delimiters or instructions to ignore embedded commands.
  - Capability inventory: The skill is explicitly designed to generate full, runnable TypeScript code for Playwright tests and configuration files.
  - Sanitization: Absent. The skill does not perform validation or filtering on the ingested data before using it to generate the implementation plan.