Skills
skills/zhanlincui/agent-skills-hunter/writing-plans/Gen Agent Trust Hub

writing-plans

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill is designed to ingest and process external software specifications or requirements to generate plans, which serves as a potential vector for indirect prompt injection.
  • Ingestion points: User-supplied 'spec or requirements' described in SKILL.md.
  • Boundary markers: None explicitly defined in the skill instructions.
  • Capability inventory: The resulting plans include file creation, modification, and execution of shell commands (e.g., pytest, git).
  • Sanitization: No explicit input validation or sanitization is mentioned.
  • [COMMAND_EXECUTION]: The skill instructs the agent to generate and potentially provide templates for standard development commands.
  • Evidence: SKILL.md includes specific examples for pytest testing and git version control commands within the task structure templates.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 12, 2026, 02:59 AM