plan-skill

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, NO_CODE
Full Analysis
  • [No Code] (SAFE): The skill contains only instructional markdown and lacks any executable scripts or binary files.
  • [Indirect Prompt Injection] (SAFE): The skill processes external data from repository inspection and web research, representing an attack surface for indirect instructions. However, the risk is mitigated by explicit constraints that prohibit implementing changes or executing state-altering commands.
      • Ingestion points: Repository inspection via Read/Glob/Grep and web research results in the Workflow section.
      • Boundary markers: Absent; no specific delimiters are defined for the content found during inspection or research.
      • Capability inventory: Limited to read-only inspection (Read/Glob/Grep) and Bash informational commands (ls, git status, git diff, git log).
      • Sanitization: Absent; the skill does not specify filtering or escaping of content found during analysis.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:36 PM