Skills
skills/codagent-ai/agent-skills/plan-tasks/Gen Agent Trust Hub

plan-tasks

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as its primary function involves reading external, potentially untrusted documentation to generate new instructions for AI agents.
  • Ingestion points: The skill reads proposal.md, design.md, and all files matching specs/**/*.md as described in Step 1.
  • Boundary markers: Absent; there are no instructions to use delimiters or ignore embedded prompts within the ingested artifact files.
  • Capability inventory: The skill has the capability to write multiple markdown files to the tasks/ directory and update the tasks.md index. It also directs the agent to research the codebase, which involves filesystem read capabilities.
  • Sanitization: The skill does not provide mechanisms for sanitizing or escaping content from source files before interpolating it into the generated task files.
  • [NO_CODE]: The skill consists entirely of instructional markdown and does not include any executable scripts, binaries, or configuration files.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 03:48 AM