planning-doc-generator
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by interpolating external JSON data into markdown documents without sanitization.\n
- Ingestion points: User-provided JSON input for project fields such as project_name, rationale, why, who, and what.\n
- Boundary markers: None; the instructions do not specify delimiters to isolate user-provided text from the document structure.\n
- Capability inventory: The skill uses Read, Write, and Edit tools to create and modify files in the ~/docs/planning/ directory.\n
- Sanitization: None; there is no logic to escape markdown characters or validate the contents of the JSON input fields before they are written to the file system.\n- [NO_CODE]: The skill provides logic and templates for documentation generation but does not include executable scripts or binaries. It relies on the agent's internal reasoning and file tools to execute the described workflow.
Audit Metadata