Skills
skills/0xdeafcafe/skills/plan-change/Gen Agent Trust Hub

plan-change

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from the local repository (existing ADRs and feature files) to determine documentation style and conventions.
  • Ingestion points: Reads files from directories such as docs/adr/ and specs/ (Phase 0
  • Discover conventions).
  • Boundary markers: The instructions do not specify the use of delimiters or 'ignore' warnings for the data being read from the repository.
  • Capability inventory: The skill has the capability to write files and execute shell commands via git and the GitHub CLI (gh) during Phase 5.
  • Sanitization: There is no explicit sanitization or filtering logic mentioned for the content extracted from the existing documentation files before it is used to influence the generation of new drafts.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 02:08 AM
Security Audit — agent-trust-hub — plan-change