Skills
skills/code-yeongyu/oh-my-opencode/hyperplan/Gen Agent Trust Hub

hyperplan

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill incorporates unsanitized user planning requests into the prompts for sub-agents, creating a surface for indirect prompt injection.\n
  • Ingestion points: User-provided requests are processed in SKILL.md and forwarded to team members via orchestration tools.\n
  • Boundary markers: User requests are wrapped in <user-request> tags.\n
  • Capability inventory: Orchestration relies on platform-internal tools including team_create, team_send_message, and the task tool. There is no evidence of high-risk tool usage, such as network access or arbitrary shell execution, by the sub-agents or the lead agent.\n
  • Sanitization: No input validation or escaping is applied to the user-supplied content before interpolation.
Audit Metadata
Risk Level
SAFE
Analyzed
May 7, 2026, 02:52 AM