planner

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it ingests data from external skill files.
      • Ingestion points: The agent is instructed to use view_file on SKILL.md files in the .agent/skills directory to understand their specific standards (SKILL.md, Section 1).
      • Boundary markers: There are no instructions to use delimiters or warnings to ignore potentially malicious instructions within those external files.
      • Capability inventory: The skill possesses significant capabilities, including run_command and write_to_file, which could be triggered if the agent follows instructions found inside the scanned skill files.
      • Sanitization: No validation or sanitization of the content from the external files is performed before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 19, 2026, 08:31 AM