Skills
skills/gendosu/agkan-skills/execute-planning/Gen Agent Trust Hub

execute-planning

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. Malicious instructions contained within a backlog task's title or body could be executed by the sub-agent tasked with reviewing it.
  • Ingestion points: Task metadata (ID, title, body) retrieved via agkan task list and agkan task get in SKILL.md.
  • Boundary markers: Absent. External task data is interpolated directly into the Task tool prompt without delimiters or protective instructions.
  • Capability inventory: The skill uses agkan to modify tasks (changing status, adding tags, decomposing tasks) and spawns general-purpose sub-agents.
  • Sanitization: None. Task content is used verbatim in sub-agent prompts.
  • [COMMAND_EXECUTION]: The skill executes shell commands using the agkan CLI to interact with task data. While this is the intended functionality of the skill, these commands process data that originates from potentially untrusted task descriptions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 8, 2026, 06:42 AM