pick-next-prompt
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill manages a structured implementation plan stored in local files (.turbo/prompts.md and .turbo/spec.md). It does not contain any malicious code or instructions.
- [DATA_EXFILTRATION]: The skill reads project-specific configuration and documentation files. This access is restricted to the local environment and is necessary for the skill's primary function of providing context-aware implementation planning.
- [PROMPT_INJECTION]: The skill processes natural language prompts from .turbo/prompts.md to guide its next actions.
  - Ingestion points: The skill reads task descriptions and requirements from .turbo/prompts.md and .turbo/spec.md.
  - Boundary markers: No explicit delimiters or safety instructions are used when interpolating these prompts.
  - Capability inventory: The skill can read/write local project files and invoke other installed skills like /enhance-plan.
  - Sanitization: No sanitization of the input prompt text is performed before it is used to design the implementation plan. This is the primary intended behavior of the skill.