execute-plan
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill creates an attack surface where untrusted external content influences execution. ● Ingestion points: Markdown and YAML plan files (Section 1). ● Boundary markers: No delimiters defined to prevent embedded instructions within task descriptions. ● Capability inventory: Orchestrates execution of test_command, lint_command, and typecheck_command (Section 8.1). ● Sanitization: Missing validation of plan content prior to processing.
Recommendations
- AI detected serious security threats
Audit Metadata