executing-plans
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to load and execute an external plan file, which creates an entry point for indirect prompt injection. instructions within the plan could attempt to manipulate the agent's behavior during the implementation phase.
- Ingestion points: Reads an external implementation plan file in Step 1.
- Boundary markers: No explicit delimiters or instructions to ignore embedded prompts within the loaded plan are specified.
- Capability inventory: The skill executes tasks which may involve file modifications and calls the sub-skill finishing-a-development-branch.
- Sanitization: No automated sanitization or validation of the plan content is performed prior to execution.
- [NO_CODE]: This skill consists entirely of instructional markdown and process logic with no associated scripts, executables, or dependency files.
Audit Metadata