project-planner
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill's primary function is to generate PROJECT-OVERVIEW.md and SPECIFICATIONS.md files based on predefined markdown templates.
- [COMMAND_EXECUTION]: Mentions of shell commands (e.g.,
/lazy plan,export LAZYDEV_...) are provided as documentation for user interaction and configuration of the tool, rather than being executed silently or dangerously by the agent. - [CREDENTIALS_UNSAFE]: References to credentials like 'jwt_token_here', 'hashed_password', and 'api_key' are used exclusively as placeholders within JSON response examples and code templates, posing no risk to actual user secrets.
- [DATA_EXFILTRATION]: No exfiltration patterns were found. Architectural references to AWS, S3, and external APIs are part of the documentation templates generated for the user's software projects.
Audit Metadata