loop-plan-evaluator

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE
Finding category: PROMPT_INJECTION

Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted input from plan.md and spec.md to evaluate plan validity and determine workflow progression. This creates an attack surface for indirect prompt injection where instructions embedded within these files could mislead the agent's reasoning.
  • Ingestion points: Reads plan.md, spec.md, conductor/tracks.md, and metadata.json from the local environment.
  • Boundary markers: The instructions do not define delimiters or specific 'ignore' directives to separate the planning data from the evaluator's system instructions.
  • Capability inventory: The agent updates the project state by writing to metadata.json and directs the control flow by triggering either the loop-executor or loop-planner agents.
  • Sanitization: No input validation or sanitization routines are mentioned for the content of the markdown files before they are parsed for evaluation.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 6, 2026, 05:54 PM
Security Audit — agent-trust-hub — loop-plan-evaluator