plan-viz
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell scripts scripts/detect-plan-context.sh and scripts/analyze-impact.sh to perform git repository analysis and environment detection.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface due to the automated processing of external data.
  - Ingestion points: Fetches untrusted data from GitHub issue descriptions using the gh command-line tool.
  - Boundary markers: The skill does not implement clear delimiters or instructions to the agent to disregard instructions potentially embedded within the fetched issue content.
  - Capability inventory: The skill is equipped with high-impact capabilities including Bash command execution, Write operations to the filesystem, and the ability to spawn sub-agents for exploration.
  - Sanitization: There is no evidence of sanitization, filtering, or validation of the retrieved issue body before it is integrated into the agent's context for plan generation.
Audit Metadata