write-plan
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [No Code] (SAFE): The skill consists entirely of markdown instructions for the AI and does not include any scripts, command execution, or package dependencies.
- [Data Exposure] (SAFE): The skill references saving plan files to memory/plans/, which is a typical workspace for an AI agent and does not involve sensitive system directories or credentials.
- [Indirect Prompt Injection] (SAFE): The skill possesses an attack surface for indirect prompt injection but is deemed safe due to its limited scope. Evidence: 1. Ingestion points: User-provided design documents processed for planning. 2. Boundary markers: Uses markdown headers but lacks explicit 'ignore instructions' delimiters. 3. Capability inventory: Writing planning files to local memory path. 4. Sanitization: No sanitization or validation of input designs is specified.
Audit Metadata