planning-with-files

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses automated hooks to run local shell commands and scripts. The PreToolUse hook executes cat task_plan.md to refresh context, and the Stop hook runs check-complete.sh to verify task completion. These commands are localized to the project environment and support the skill's operational logic.
  • [PROMPT_INJECTION]: The skill automatically reads content from task_plan.md into the agent's context during tool usage.
      • Ingestion points: The PreToolUse hook in SKILL.md reads the first 30 lines of task_plan.md before executing Write, Edit, or Bash tools.
      • Boundary markers: Content is injected without specific delimiters or instructions to ignore embedded commands.
      • Capability inventory: The skill has access to Bash, Write, Edit, and WebFetch as defined in the YAML frontmatter.
      • Sanitization: There is no validation or sanitization of the file content before it is read into the context. This creates a surface for indirect instructions if the task plan file is modified by an external untrusted source.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 03:09 PM