quick-plan
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface.
- Ingestion points: The skill mines the entire conversation session (history) to reconstruct an 'Intent Brief' (Goal, Must-haves, Constraints) used in subagent instructions and the final plan.
- Boundary markers: The skill does not implement clear boundary markers or instructional wrappers to distinguish user-provided data from system instructions when delegating tasks to subagents via the fanout-brief.md template.
- Capability inventory: The skill has the capability to write implementation plans to the filesystem (.beagle/plans/) and initiate subagent calls or subsequent agent sessions via referenced skills.
- Sanitization: There is no evidence of sanitization, filtering, or validation of the content extracted from the conversation before it is used to form goals for subagents or the implementation plan.
Audit Metadata