task-planning

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security risks were identified. The skill focuses on organizational workflows and uses standard tools for project documentation and management.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it processes untrusted data such as user feedback and bug reports. However, the instructions direct the agent to synthesize this data into planning documents rather than executing instructions contained within the data.
  • Ingestion points: Processes external context such as PRDs, GDDs, playtest feedback, and repository issues in SKILL.md.
  • Boundary markers: Uses specific output templates and 'Planning Packet' headers to structure and isolate generated content.
  • Capability inventory: The skill utilizes Bash, Read, Write, Edit, Glob, and Grep tools to interact with project files as defined in the frontmatter.
  • Sanitization: Does not implement explicit sanitization of processed data, relying on the model's summarization instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 07:07 AM
Security Audit — agent-trust-hub — task-planning