skills/buiducnhat/cobrew/execute-plan/Gen Agent Trust Hub

execute-plan

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill directs the agent to execute shell commands specified in implementation plans for verification purposes (defined in SKILL.md). This capability is restricted to local project validation and is gated by a final human confirmation step.
  • [PROMPT_INJECTION]: The skill ingests external data from implementation plans as authoritative instructions, creating an indirect prompt injection surface.
    • Ingestion points: Plan files such as SUMMARY.md and phase-specific documents within the docs/plans/ directory.
    • Boundary markers: Not present; instructions in SKILL.md emphasize strict adherence to the plan content.
    • Capability inventory: Filesystem writes, shell command execution for verification, and git skill integration (documented in SKILL.md).
    • Sanitization: No specific sanitization or validation of the instructions or commands contained within the plan files is performed.
Audit Metadata
Risk Level: SAFE
Analyzed: May 18, 2026, 06:37 AM