sprint-planner
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the 'mkdir -p' command to create a directory for sprint documentation. This is a standard and benign file system operation required for organizing the skill's output files.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it processes external documentation files.
- Ingestion points: Reads project-specific files including docs/planning/journal.md and various specification documents.
- Boundary markers: No explicit delimiters are used to wrap ingested data.
- Capability inventory: Includes directory creation (mkdir) and file writing to the local repository.
- Sanitization: No sanitization is performed on the content of the markdown files before parsing.
- Context: While an injection surface exists, the risk is negligible as the skill lacks high-risk capabilities like network access or arbitrary code execution.
Audit Metadata