gsdl-create-plan
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted content from Product Requirement Documents (PRD) to generate implementation plans. While this represents a surface for indirect prompt injection, the risk is mitigated by the skill's specific output format and a mandatory user confirmation phase.
- Ingestion points: Reads PRD files from the
.planning/[project-name]/tasks/directory. - Boundary markers: Absent; the skill does not explicitly use delimiters to separate instructions from PRD content during analysis.
- Capability inventory: The skill possesses file-writing capabilities to save generated task lists to the local disk.
- Sanitization: No explicit sanitization or filtering of the ingested PRD content is described.
- [COMMAND_EXECUTION]: The skill instructions include a reference to
npx jestwithin the output template for the generated markdown file. This is provided as instructional text for the developer implementing the plan and does not constitute a command execution request for the agent itself.
Audit Metadata