plan-checker
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell commands (
find,ls) to locate project files and verify the existence of files referenced in plans. These operations are limited to standard file system checks and are consistent with the tool's validation purpose. - [DATA_EXPOSURE]: The skill accesses project-specific data including execution plans, design documents, and repository rules (CLAUDE.md) to perform its validation logic. This access is internal to the workspace and no external exfiltration patterns were observed.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes untrusted plan data and repository rule files.
- Ingestion points: Files loaded during the LOAD phase, including feature plans, design documents, and CLAUDE.md configuration files.
- Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded commands within the ingested plan data.
- Capability inventory: The skill uses Bash, Read, Grep, and Glob. It can execute file discovery and basic system inspection commands.
- Sanitization: There is no evidence of content sanitization or validation of the plan text before it is analyzed against the 10 dimensions.
Audit Metadata