harness-plan

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute shell commands for gathering project context. These commands include git status, git log, git diff, cat, grep, tail, and jq to read planning files and system metadata.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its reliance on processing untrusted external data to influence agent actions.
      • Ingestion points: The skill reads data from Plans.md (user-editable task list), git log (commit messages), and .claude/state/agent-trace.jsonl (agent history log).
      • Boundary markers: No specific delimiters or "ignore instructions" warnings are provided to separate user-controllable data from the skill's operational instructions.
      • Capability inventory: The agent has access to Bash (command execution) and Write/Edit (file modification) tools while processing this data.
      • Sanitization: The instructions do not describe any filtering or validation of the input data before it is used to generate progress summaries or update task statuses.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 17, 2026, 03:01 PM