agent-planner
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The pre and post lifecycle hooks in the skill metadata interpolate the untrusted $TASK variable directly into shell commands. Evidence: 1. Ingestion points: $TASK variable in hooks. 2. Boundary markers: Absent. 3. Capability inventory: Shell execution via echo and memory_store commands. 4. Sanitization: Absent.
- [PROMPT_INJECTION] (SAFE): The prompt instructions are focused on strategic planning and task orchestration with no evidence of safety filter bypass or role-play injection.
- [EXTERNAL_DOWNLOADS] (SAFE): No external scripts or packages are downloaded or executed.
Audit Metadata