Skills
skills/duc01226/easyplatform/plan-ci/Gen Agent Trust Hub

plan-ci

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads CI logs from GitHub Actions based on a user-provided URL in the $ARGUMENTS field. This is a core functional requirement of the skill.
  • [PROMPT_INJECTION]: The skill is subject to potential indirect prompt injection due to the processing of external log content which is not controlled by the user or the skill author.
  • Ingestion points: External GitHub Actions logs are ingested into the agent context for analysis (SKILL.md).
  • Boundary markers: Absent; there are no instructions to delimit the log content or ignore instructions found within the logs.
  • Capability inventory: The skill uses the planner subagent, creates files (plan.md), and manages work via the TaskCreate tool.
  • Sanitization: Absent; the log content is processed directly to identify root causes and generate implementation plans.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 07:25 AM
Security Audit — agent-trust-hub — plan-ci