implement-next-phase

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and acting upon instructions found in external 'sketch plan' files.
      • Ingestion points: The skill reads external plan files in Step 1 of the 'First actions' section in SKILL.md.
      • Boundary markers: No specific delimiters or safety warnings are used to distinguish plan content from system instructions.
      • Capability inventory: The skill utilizes file reading and repository search capabilities during preparation, and file modification capabilities ('edit application code, tests, config, or assets') after approval.
      • Sanitization: No explicit sanitization or validation of the plan file's content is performed before processing.
  • [SAFE]: The skill includes a non-negotiable safety constraint requiring explicit user approval (e.g., 'go ahead', 'implement') before any modifications to application code, tests, config, or assets are performed.
Audit Metadata
Risk Level: SAFE
Analyzed: May 20, 2026, 07:33 PM