paperclip-converting-plans-to-tasks
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill consists entirely of markdown-based instructions and behavioral guidelines. There are no scripts, binaries, or automated tool calls defined within the skill file.
- [PROMPT_INJECTION]: The skill defines a workflow for processing planning documents. This introduces a surface for indirect prompt injection where malicious instructions embedded in a plan could attempt to influence the agent's task-creation logic.
- Ingestion points: Processes external planning documents (referenced in SKILL.md).
- Boundary markers: No specific delimiters or "ignore instructions" wrappers are defined within this instruction set.
- Capability inventory: The instructions guide the agent in defining task relationships, assignees, and issue fields such as
blockedByIssueIdsandparentIdvia unspecified external tools. - Sanitization: No content validation or sanitization of the input plan is described.
Audit Metadata