triage
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from an external project management API.
  - Ingestion points: Fetches task details from `plane-api` (SKILL.md).
  - Boundary markers: The prompt lacks explicit delimiters or instructions to ignore potential commands embedded within the task titles or descriptions.
  - Capability inventory: The skill has the ability to update tasks and modify project data via `plane-api` (SKILL.md).
  - Sanitization: There is no evidence of sanitization or validation of the content retrieved from the API before it is processed by the agent.
Audit Metadata