writing-plans
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the processing of external requirement specifications, creating a surface for indirect prompt injection. Maliciously crafted specifications could potentially contain instructions aimed at influencing the generated implementation plan.
- Ingestion points: The skill reads input from a specification file during plan generation (SKILL.md) and during the review process (plan-document-reviewer-prompt.md).
- Boundary markers: No specific delimiters or "ignore instructions" warnings are used to isolate the specification content from the agent's core instructions.
- Capability inventory: Generated plans include instructions for file system operations and terminal command execution (git, pytest).
- Sanitization: No sanitization or validation mechanisms are defined for the input specifications.
- [NO_CODE]: This skill consists of markdown instructions and templates and does not ship with any executable scripts or binary files.
Audit Metadata