plan

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script recall.py via uv run to retrieve contextual information. This is a standard part of the skill's logic for knowledge retrieval.
  • [COMMAND_EXECUTION]: The agent is guided to run standard development commands like npm test and npm run build for plan verification.
  • [PROMPT_INJECTION]: The skill processes external files such as requirements and research docs, creating a surface for indirect prompt injection.
    • Ingestion points: Files in research/, plans/, .planning/, and general codebase files.
    • Boundary markers: The skill does not employ explicit delimiters or instructions to ignore embedded commands in ingested files.
    • Capability inventory: The agent can read files, write plans, and execute shell commands (uv run, npm).
    • Sanitization: No validation or sanitization of the ingested data is performed.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 09:05 AM