writing-plans
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill defines a workflow for processing untrusted specifications into implementation plans, creating a surface for indirect prompt injection.\n
- Ingestion points: Processes user-provided task specifications or requirements as input to generate plan steps.\n
- Boundary markers: Absent; there are no instructions or delimiters provided to help the agent distinguish between data and embedded instructions in the source text.\n
- Capability inventory: The skill has the capability to write markdown files to the workspace (specifically in the plans/ directory).\n
- Sanitization: There is no evidence of input validation or sanitization to prevent malicious content from the source material from being propagated into the output plan documents.\n- [NO_CODE]: The skill is composed entirely of markdown-based instructions and metadata, containing no executable scripts, binaries, or external library dependencies.
Audit Metadata