plan
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a structured technical planning workflow. It processes local project documentation and source code to generate task lists, which is its primary intended function.
- [DATA_EXPOSURE]: While the skill reads project files (code and specifications), it does so within the local context to create plans. There are no instructions or capabilities for transmitting this data to external or untrusted domains.
- [INDIRECT_PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it ingests untrusted data from
docs/<feature-slug>/spec.mdand project source code. - Ingestion points: Files located at
docs/<feature-slug>/spec.mdand general project code. - Boundary markers: None specified in the instructions.
- Capability inventory: File system write access to
docs/<feature-slug>/plan.md. - Sanitization: No explicit sanitization or filtering of input content is defined. However, the risk is negligible as the output is restricted to planning documentation and the skill operates on local project resources.
Audit Metadata