planning-with-files
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks detected. The skill follows established productivity patterns for AI agent task management using local file persistence.
- [COMMAND_EXECUTION]: The skill uses local shell scripts (`scripts/init-session.sh` and `scripts/check-complete.sh`) to automate the creation and verification of planning files. These scripts use standard tools like `grep` and `cat` for routine operations without unsafe input handling or elevated permissions.
- [PROMPT_INJECTION]: The skill records external research and browser data in planning files, creating a surface for potential indirect prompt injection.
  - Ingestion points: Untrusted external data from research and web browsing is stored in `findings.md`.
  - Boundary markers: Templates use Markdown headers and HTML comments to structure information.
  - Capability inventory: The skill possesses file read/write capabilities and local shell script execution.
  - Sanitization: Research data is interpolated into markdown files without explicit sanitization or validation.
Audit Metadata