planner
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes user thoughts and plan files via scripts/planner.py and scripts/executor.py, which are used to generate agent instructions. This ingestion surface is managed by structured templates and boundary markers like XML tags (e.g., <execution_rules>) within the script output. While no sanitization is applied to the thoughts string, the multi-step review and delegation protocol mitigates risks by requiring explicit passing/failing criteria and human-in-the-loop checkpoints.
- [COMMAND_EXECUTION]: The execution workflow incorporates instructions for running standard local verification tools such as pytest, mypy, and tsc. These commands are essential to the execution process, are limited to the project's local development environment, and are documented as expected behaviors for a software development assistant.
Audit Metadata