planning-github-task

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection surface detected because the skill's core workflow requires reading and interpreting content from untrusted files in the codebase and project documentation.
    • Ingestion points: Subagents read docs/<ISSUE_SLUG>-tasks.md and various project source files to generate planning artifacts.
    • Boundary markers: There are no instructions to use delimiters or 'ignore' directives to prevent instructions embedded within the codebase or task plans from influencing the agent's behavior.
    • Capability inventory: Across all subagents, capabilities are limited to reading project files and writing markdown planning artifacts in the docs/ directory. The instructions explicitly forbid modifying product code, changing git state, or executing shell commands.
    • Sanitization: No input validation or sanitization is performed on the content read from the repository before it is processed by the planning subagents.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 16, 2026, 01:30 AM