plan
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through the ingestion and processing of external task data. * Ingestion points: Task data retrieved via the plane-api list action (SKILL.md). * Boundary markers: Absent; the skill does not use delimiters to isolate task data from agent instructions. * Capability inventory: The agent is instructed to write state files to the workspace directory (SKILL.md). * Sanitization: Absent; there is no validation or escaping of external task content before it is used for planning.
Audit Metadata