concise-planning
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill's instructions to scan external context such as README files and source code create an indirect prompt injection surface. Ingestion points: Reads local project README.md, documentation, and code files. Boundary markers: Absent; the skill does not use delimiters or explicit instructions to ignore embedded prompts in external data. Capability inventory: The skill is limited to generating text checklists and has no file system write access, network capabilities, or command execution. Sanitization: No sanitization or validation of the ingested content is specified.
- [NO_CODE]: The skill consists entirely of natural language instructions and markdown templates with no executable scripts or binaries.
Audit Metadata