executing-plans

Pass

Audited by Gen Agent Trust Hub on Apr 25, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION

Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by design. It requires the agent to read an external 'plan file' and execute its contents.
  • Ingestion points: Step 1 instructions require the agent to read a plan file.
  • Boundary markers: There are no instructions to use delimiters or ignore potentially malicious embedded instructions within the plan file.
  • Capability inventory: The skill allows the agent to 'execute all tasks' and 'follow each step exactly', which typically grants the agent authority to perform file system operations and command execution based on the plan's content.
  • Sanitization: The process lacks a verification or sanitization step to ensure the plan file does not contain malicious instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 25, 2026, 07:14 PM
Security Audit — agent-trust-hub — executing-plans