plan-writing

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill facilitates the creation of task plans by reading existing project files, creating a surface for indirect prompt injection where malicious content in those files could influence agent behavior.
  • Ingestion points: The skill utilizes the Read, Glob, and Grep tools to ingest content from the local project environment (SKILL.md).
  • Boundary markers: There are no requirements for delimiters or instructions to treat external file content as untrusted data.
  • Capability inventory: While the skill's allowed tools are restricted to Read, Glob, and Grep, the instructions guide the agent to create plans that involve command execution for verification (e.g., npm run dev, curl, and various Python audit scripts like security_scan.py).
  • Sanitization: The skill lacks any defined validation or sanitization steps for data extracted from the project files before it is incorporated into the generated plans.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 01:27 PM