plan-review-wrapup
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installation instructions reference fetching the skill from the author's repository (ChristopherAlphonse/calphonse-skills) via npx.
- [PROMPT_INJECTION]: The skill processes planning review data to generate a synthesis artifact, creating a potential surface for indirect prompt injection. A malicious actor could theoretically embed instructions in a plan review section to influence the agent's summary or task generation. 1. Ingestion points: Input plan review sections (SKILL.md). 2. Boundary markers: None specified to delimit ingested content from instructions. 3. Capability inventory: Read, Write, and Bash tools (SKILL.md). 4. Sanitization: No sanitization or validation of the ingested review content is specified before interpolation into the final document.
Audit Metadata