planning-assistant
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill contains no instructions for credential exfiltration, malicious network requests, or unauthorized system access. All instructions are focused on legitimate content planning activities.\n- [NO_CODE]: The skill package is composed entirely of markdown documentation and a configuration manifest. It does not include any Python, JavaScript, or shell scripts, eliminating the risk of direct remote code execution or malware.\n- [PROMPT_INJECTION]: The skill instructions specify a workflow that ingests external data, which constitutes a surface for indirect prompt injection. \n
- Ingestion points: Research and inspiration content imported from browser extensions or user bookmarks.\n
- Boundary markers: The instructions do not define delimiters or specific warnings to ignore instructions embedded within the processed research materials.\n
- Capability inventory: No tools, shell commands, or network operations are defined within this specific skill; it relies on the environment's default capabilities.\n
- Sanitization: There are no instructions provided to sanitize, filter, or validate the ingested data before processing.
Audit Metadata