omc-plan
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core functionality of reading and analyzing external data. \n- Ingestion points: User request strings, codebase facts gathered by the 'explore' agent, and existing plan files located in '.omc/plans/'. \n- Boundary markers: The skill instructions lack explicit delimiters or system-level instructions to treat ingested file content as non-executable data. \n- Capability inventory: The skill can trigger implementation through 'oh-my-claudecode:ralph' and 'oh-my-claudecode:team', and it spawns various sub-agents for analysis, architecture, and review. \n- Sanitization: No explicit content validation or filtering is performed on data retrieved from the file system before it is processed by the LLM.
Audit Metadata