inno-pipeline-planner

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by ingesting and processing untrusted data from the local project environment to inform its planning logic and artifact generation.
    • Ingestion points: According to SKILL.md, the skill reads existing artifacts including .pipeline/docs/research_brief.json, .pipeline/tasks/tasks.json, instance.json, and scans various project subdirectories (Survey/, Ideation/, Experiment/, etc.).
    • Boundary markers: Absent. There are no specific instructions or delimiters defined to prevent the agent from interpreting instructions that might be embedded within the ingested project files.
    • Capability inventory: The skill utilizes write_file to create and update configuration and documentation files (.pipeline/config.json, research_brief.json, tasks.json) based on the analyzed context.
    • Sanitization: Absent. There is no evidence of validation, escaping, or sanitization of the content extracted from project files before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 19, 2026, 01:26 PM