make-plan
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious behavior, obfuscation, or safety bypasses were detected in the skill instructions. The skill focuses on best practices for software implementation and verification.
- [NO_CODE]: The skill consists exclusively of markdown instructions and does not contain any executable scripts, binaries, or configuration files that could pose a threat.
- [PROMPT_INJECTION]: The skill involves reading external content such as documentation, example files, and URLs during the discovery phase. This creates an attack surface for indirect prompt injection (Category 8) where instructions in external data could potentially influence the agent. Evidence: 1. Ingestion points: The Documentation Discovery phase reads external URLs and files. 2. Boundary markers: The skill does not explicitly instruct the agent to use delimiters or ignore instructions found in the external content. 3. Capability inventory: The subagents are expected to read files and use grep. 4. Sanitization: No sanitization of the external content is specified.
Audit Metadata