mcaf-human-review-planning
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to analyze AI-generated code drops, which are untrusted data sources. This creates a surface for indirect prompt injection where malicious instructions hidden in the code could attempt to manipulate the agent's review planning output.
- Ingestion points: The skill reads files from target folders and feature areas within the repository to understand the code before planning.
- Boundary markers: There are no explicit markers or instructions provided to isolate the untrusted code content from the agent's internal instructions.
- Capability inventory: The skill utilizes repository read access and has the ability to write a HUMAN_REVIEW_PLAN.md file to the filesystem.
- Sanitization: No sanitization or validation of the analyzed code content is described in the workflow.