step-running

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE

COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes automated verification commands defined within project step files as part of its 'Step 4: Run Verification' process. This capability is used to confirm the correctness of implemented changes.
  • [COMMAND_EXECUTION]: A PostToolUse hook triggers a local Python script ('plan_checkbox_reminder.py') located within the plugin root to automate project management tasks.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by ingesting and acting upon instructions from external plan files.
    • Ingestion points: The agent reads 'step-.md', 'root.md', and files specified in the 'Changes Required' section.
    • Boundary markers: No explicit delimiters or warnings to ignore embedded instructions are utilized when reading these files.
    • Capability inventory: The agent has the authority to execute shell commands and modify files.
    • Sanitization: No validation or filtering is applied to the content of the read files before it influences agent behavior or command execution.
Audit Metadata
Risk Level: SAFE
Analyzed: May 11, 2026, 09:43 PM