executing-plans
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill consists of a single markdown file containing instructions and lacks any executable scripts or binaries.
- [SAFE]: No malicious patterns, prompt injections, or data exfiltration attempts were detected. The skill follows security best practices by requiring user approval for significant actions like commits and implementing a batched workflow with review checkpoints.
- [PROMPT_INJECTION]: The skill processes external implementation plans which create a surface for indirect instructions. 1. Ingestion points: Workflow step 1 in SKILL.md requires reading a plan file from the environment. 2. Boundary markers: No specific delimiters are defined to isolate the plan content. 3. Capability inventory: The workflow includes file modification and command execution for verification. 4. Sanitization: The skill relies on 'user review checkpoints' and 'batch execution' as procedural mitigations to ensure human oversight of all actions.
Audit Metadata