Skills
skills/aspiers/ai-config/plan-to-beads/Gen Agent Trust Hub

plan-to-beads

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes a local command-line interface tool named bd to list, create, and manage task dependencies. It also utilizes standard shell utilities like cat for handling multi-line task descriptions.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes untrusted implementation plans and source code content to generate task specifications.
  • Ingestion points: External implementation plan files and project source code (found in SKILL.md under the 'Find the plan' and 'Explore the codebase' sections).
  • Boundary markers: Absent. The skill does not define clear delimiters or use instructions to ignore embedded commands when reading plan or code files.
  • Capability inventory: Local command execution (bd, cat) and file system read access.
  • Sanitization: No specific sanitization or filtering logic is mentioned for data extracted from external files before it is passed to the task creation commands.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 28, 2026, 09:15 PM
Security Audit — agent-trust-hub — plan-to-beads