plan-review

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFE
Full Analysis
  • [Prompt Injection] (SAFE): No attempts to override agent instructions or safety filters found.
  • [Data Exposure & Exfiltration] (SAFE): Accesses local plan and code files as part of its core logic; no data exfiltration mechanisms or network operations identified.
  • [Remote Code Execution] (SAFE): No patterns for downloading or executing remote code or untrusted packages were found.
  • [Indirect Prompt Injection] (LOW): The skill ingests untrusted data from local plan files and source code. Evidence:
      1. Ingestion points: plan files and target source code files.
      2. Boundary markers: Absent.
      3. Capability inventory: Limited to text-based interaction and markdown output.
      4. Sanitization: Absent.
    The risk is minimal as the skill lacks high-impact execution or network tools.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 19, 2026, 03:43 PM