planning-under-uncertainty
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions designed to bypass agent safety filters or override system prompts were detected. The skill uses standard instructional language for structured planning.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations were found. The skill only produces text-based planning documents.
- Unverifiable Dependencies & RCE (SAFE): There are no package installation commands (npm/pip) or patterns of remote code execution (curl/wget | bash).
- Indirect Prompt Injection (LOW): The skill ingests untrusted user context about projects and initiatives (SKILL.md). While this represents a surface for injection, the skill's capabilities are limited to text generation and file writing of Markdown templates, with no path to command execution or sensitive data access.