planning
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill orchestrates multiple specialized tools and agents, such as
codebase-locator,codebase-analyzer, andcontext7, to perform research. It also invokes internal sub-skills likedesplega:reviewinganddesplega:learningfor workflow management. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it reads external files from the codebase and research documents to generate implementation plans.
- Ingestion points: The skill reads all mentioned files and directories identified during research tasks, as well as the local
~/.agentic-learnings.jsonfile. - Boundary markers: There are no explicit instructions to the agent to treat external file content as untrusted or to use specific delimiters.
- Capability inventory: The skill has the ability to write plan files to the
thoughts/directory and propose commands for implementation. - Sanitization: The skill does not describe any sanitization or validation logic for the content read from files.
Audit Metadata