Skills
skills/dropseed/plain/plain-guide/Gen Agent Trust Hub

plain-guide

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the plain CLI tool via uv run to search framework documentation and public APIs. It also employs shell utilities like grep to examine source code. These operations are within the expected scope of a technical guide skill.
  • [PROMPT_INJECTION]: The skill processes external content from documentation and source code, creating an indirect prompt injection attack surface.
  • Ingestion points: SKILL.md (Processing output from plain docs, grep, and read tools)
  • Boundary markers: Absent
  • Capability inventory: SKILL.md (Subagent uses shell commands for CLI interaction and file searching)
  • Sanitization: Absent
Audit Metadata
Risk Level
SAFE
Analyzed
May 9, 2026, 12:29 PM