planning-prompts

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill defines a 'Golden Rule' that the agent must automate any task with a CLI or API (e.g., npm, git, vercel). It also provides prompt templates that include shell command execution syntax (e.g., !date +%Y-%m-%d in reference/meta-prompts.md).
  • [PROMPT_INJECTION]: The skill architecture creates a surface for indirect prompt injection.
    • Ingestion points: External data is ingested through web-based research tasks (WebSearch/WebFetch) as described in reference/meta-prompts.md.
    • Boundary markers: The templates use XML delimiters, but do not provide instructions to the agent to disregard instructions found within the ingested external content.
    • Capability inventory: The skill allows for file system modification, directory creation, and the execution of CLI tools.
    • Sanitization: There is no specified logic for sanitizing or escaping research findings before they are incorporated into executable PLAN.md files.
  • [EXTERNAL_DOWNLOADS]: The workflow relies on gathering external data via web search and fetching tools to inform the planning and execution phases.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 22, 2026, 06:51 PM