woostack-plan

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is instructed to ingest and follow instructions from untrusted external files.
      • Ingestion points: The skill reads all files within .woostack/wisdom/*.md and the user-specified spec file in .woostack/specs/ (as defined in SKILL.md).
      • Boundary markers: No boundary markers, XML tags, or delimiters are specified to isolate the content of these external files from the agent's system instructions.
      • Capability inventory: The skill performs file system write operations by creating or amending markdown files in the .woostack/plans/ directory.
      • Sanitization: No validation, escaping, or filtering of the content from the wisdom or spec files is mentioned.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 15, 2026, 04:06 PM