Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/apex-plan/Gen Agent Trust Hub

apex-plan

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) due to its core function of processing external data (user requests) using high-privilege tools.
  • Ingestion points: Untrusted project descriptions and feature requests provided by the user (SKILL.md).
  • Boundary markers: None identified in the prompt instructions to isolate untrusted content.
  • Capability inventory: The skill is configured with access to Bash, Write, Edit, and WebFetch (SKILL.md allowed-tools).
  • Sanitization: There are no instructions for validating, escaping, or filtering the ingested content before it is processed by specialists.
Audit Metadata
Risk Level
SAFE
Analyzed
May 7, 2026, 01:39 PM