gsd-plan-phase
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill defines a structured orchestration workflow involving research, planning, and verification steps. All identified actions, such as spawning sub-agents and requesting user feedback, are consistent with its documented purpose.
- [SAFE]: Resource access is limited to local workspace directories for configuration and reference. No access to sensitive system files, hardcoded credentials, or external network exfiltration patterns were detected.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through the ingestion of external data.
- Ingestion points: User-supplied arguments (
{{GSD_ARGS}}), external PRD files (via the--prdflag), and feedback fromREVIEWS.md. - Boundary markers: None explicitly defined in the skill wrapper; relies on the underlying agent's handling of spawned tasks.
- Capability inventory: Capabilities include spawning sub-agents (
spawn_agent), requesting input (request_user_input), and reading local workspace files. - Sanitization: No explicit sanitization or escaping of ingested data is mentioned in the skill instructions.
Audit Metadata