Skills
skills/tylerburleigh/claude-sdd-toolkit/sdd-plan/Gen Agent Trust Hub

sdd-plan

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use the sdd CLI for codebase analysis and documentation management, including commands like sdd doc stats, sdd doc search, and sdd doc complexity.
  • [COMMAND_EXECUTION]: The skill methodology involves creating JSON specification files that contain shell commands (e.g., npm test, npm run migrate) in the metadata.command field for automated verification tasks.
  • [PROMPT_INJECTION]: The skill exhibits a potential surface for indirect prompt injection (Category 8) as it analyzes untrusted codebase data to generate development plans; however, this is a standard characteristic of development tools and is managed through the structured planning workflow.
Audit Metadata
Risk Level
SAFE
Analyzed
May 7, 2026, 10:21 AM