list-planned-work
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill processes external task data from the One Horizon platform, creating a surface for indirect prompt injection.
- Ingestion points: External data enters the context through the list-planned-work and get-task-details tool calls.
- Boundary markers: No delimiters are specified in the instructions to wrap external content or warn against embedded instructions.
- Capability inventory: The skill provides read-only access to tasks and initiatives; no command execution or network capabilities are present in the skill definition.
- Sanitization: No sanitization or content validation is mentioned for task data.
- [NO_CODE]: This skill consists of markdown instructions and tool definitions without any accompanying code, scripts, or package files.
Audit Metadata