sparc-planning
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected across any of the analyzed files. The skill consists entirely of Markdown documentation, templates, and reference guides for the SPARC planning methodology.
- [PROMPT_INJECTION]: There are no instructions that attempt to override AI safety guidelines, bypass restrictions, or extract system prompts. The instructions are focused on improving the quality of software implementation plans.
- [DATA_EXFILTRATION]: No hardcoded credentials, sensitive file path access, or unauthorized network operations were identified. The documentation correctly identifies best practices for secret management using environment variables.
- [REMOTE_CODE_EXECUTION]: The skill does not perform any remote code downloads or execution. References to external libraries (such as bcrypt or jwt-go) are mentioned only as standard industry examples in documentation templates.
- [COMMAND_EXECUTION]: The skill utilizes legitimate agent tools like check-history for context gathering and suggests the use of standard development tools (git, gh) as part of a development workflow, with no signs of malicious command injection.
Audit Metadata