omc-plan
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing untrusted user requirements and existing plan files.
- Ingestion points: User input prompts and plan files read from
.omc/plans/(SKILL.md). - Boundary markers: None identified for distinguishing instruction from data within the plan files.
- Capability inventory: Ability to spawn subagents (
Task), write local files (state_write), and trigger execution workflows (Skill:oh-my-claudecode:ralph,Skill:oh-my-claudecode:team) (SKILL.md). - Sanitization: No explicit sanitization of external content was found.
- [COMMAND_EXECUTION]: The skill provides instructions for utilizing the
omcCLI tool to override default model providers for architectural and critical reviews. This is a documented integration feature for the platform's orchestration layer. - [SAFE]: The skill manages persistent session state and planning artifacts within a local metadata directory (
.omc/), which is a standard practice for development-oriented agents and does not expose sensitive system paths.
Audit Metadata