Skills
skills/yonatangross/orchestkit/plan-viz/Gen Agent Trust Hub

plan-viz

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute included scripts, detect-plan-context.sh and analyze-impact.sh, which automate git diffs and context gathering using the local repository environment.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted repository metadata and issue tracking information.
  • Ingestion points: Git branch names, commit counts, and GitHub issue titles (retrieved via the gh CLI) are processed by scripts/detect-plan-context.sh.
  • Capability inventory: The skill employs Bash for command execution and Task for spawning sub-agents (e.g., Explore) with dynamically generated prompts based on the ingested metadata.
  • Boundary markers: The skill lacks explicit protective delimiters or instructions to prevent the agent from interpreting potentially malicious instructions contained within the ingested git or issue metadata.
  • Sanitization: Ingested strings from the repository and external issue tracker are interpolated into report templates and agent tasks without validation or filtering.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 04:27 PM