planning-workflows
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a project management workflow that uses local files to store requirements, designs, and tasks. It does not perform network operations or access sensitive system paths.
- [COMMAND_EXECUTION]: The skill defines local slash commands (/spec, /no_spec) to switch between different planning modes. These commands are used to structure the AI's internal reasoning and do not execute arbitrary shell commands.
- [DATA_EXFILTRATION]: All data operations are local to the repository (specifically under the 'specs/' directory). There are no network requests or external data transfers.
- [PROMPT_INJECTION]: The skill uses instructional headers like 'Important Reminder' to enforce phase-gate confirmations in the workflow. This is standard instructional language for maintaining state in complex tasks and does not attempt to bypass agent safety filters.
Audit Metadata