executing-plans
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
NO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest and act upon 'plan' files, creating a potential surface for indirect prompt injection. However, the instructions explicitly mitigate this risk by requiring a 'critical review' (Step 1.2) and human consultation (Step 1.3) before any execution begins.
- Command Execution (INFO): The process describes executing tasks and running verifications. No specific dangerous commands, subprocess calls, or script implementations are present in the skill's definition.
- No Code (INFO): The file contains only instructional markdown and metadata. There are no executable scripts, binaries, or encoded payloads included.