execution
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes 'verification commands' and 'quality gates' (format, lint, typecheck, test) derived from task files and project configurations.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by utilizing instructions from .planning/harness/tasks/TASK-{NNN}.md files as the primary prompt for agent sessions. 1. Ingestion points: Files at .planning/harness/tasks/TASK-{NNN}.md. 2. Boundary markers: Absent; the task file is used directly as the prompt. 3. Capability inventory: Execution of arbitrary shell commands for verification and testing. 4. Sanitization: Absent; the skill assumes task files are authoritative and safe to execute.
Audit Metadata