create-prompt-plan
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE]: The skill reads from '.turbo/spec.md' and writes to '.turbo/prompts.md'. These operations are restricted to the local project workspace and do not target sensitive system paths or credentials.
- [INDIRECT_PROMPT_INJECTION]: The skill processes content from a specification file, which acts as a data ingestion point. While it lacks explicit boundary markers to separate untrusted data from instructions, it implements a multi-agent review process (Step 4) to validate the output.
  - Ingestion points: Reads specification data from '.turbo/spec.md' (SKILL.md, Step 1).
  - Boundary markers: None identified in the prompt templates.
  - Capability inventory: File system read/write, sub-agent orchestration (SKILL.md, Step 4), and internal tool calls (/plan-implementation).
  - Sanitization: None identified; however, the structured output format and multi-agent validation mitigate the risk of accidental instruction following.