plan-fast

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Node.js script using the command "node .claude/scripts/set-active-plan.cjs {plan-dir}". Although the script is part of the local environment, this pattern executes code with variable arguments.
  • [PROMPT_INJECTION]: User-provided input via the $ARGUMENTS variable is placed directly into the <task> block. This allows for potential prompt injection where malicious task descriptions could attempt to override agent constraints.
  • [PROMPT_INJECTION]: The skill processes untrusted codebase documentation, posing an indirect prompt injection risk.
    • Ingestion points: User input and documentation files like backend-patterns-reference.md.
    • Boundary markers: Employs <task> tags for user arguments but lacks delimiters for external project files.
    • Capability inventory: File system operations and local script execution.
    • Sanitization: No input validation or sanitization routines are identified.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 10, 2026, 07:26 AM