frontend-planning
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, such as remote code execution, unauthorized network access, or persistence mechanisms, were detected. The skill follows a structured workflow with multiple user review gates to ensure transparency and control.
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection as it ingests untrusted content from the user's project environment.
- Ingestion points: Reads configuration files (
package.json,tsconfig.json) and scans all markdown files in thedocs/en/specifications/anddocs/en/policy/directories. - Boundary markers: The skill does not use specific delimiters or instructions to prevent the agent from being influenced by commands embedded within the reference documents.
- Capability inventory: The skill has the capability to write multiple markdown files to the local file system.
- Sanitization: There is no evidence of sanitization, filtering, or validation applied to the discovered documents before they are used as context.
Audit Metadata