writing-plans
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill functions as a template for organizing software development tasks and generating implementation documentation.
- [PROMPT_INJECTION]: The skill includes an attack surface for indirect prompt injection as it processes external specifications. This is inherent to its primary purpose and is managed by the agent's context boundaries. The analysis of this surface is provided below:
- Ingestion points: User-provided specifications or requirements documents are processed within
SKILL.mdto generate plans. - Boundary markers: The prompt template does not define explicit delimiters for untrusted input data.
- Capability inventory: The skill's primary capability is text and code generation for documentation purposes. It references separate skills for task execution, maintaining a separation of concerns.
- Sanitization: No sanitization of the input specification is performed within this skill.
Audit Metadata