app-planner

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill exhibits an indirect prompt injection attack surface as it is designed to read and analyze untrusted user codebase files using tools like Glob and Grep. This is necessary for its primary purpose of auditing existing applications.
  • Ingestion points: The skill uses Glob and Grep in the 'Analysis Process for Existing Apps' section of SKILL.md to discover project structure and evaluate code quality.
  • Boundary markers: The instructions do not currently include explicit boundary markers or warnings for the agent to ignore instructions embedded within the analyzed code.
  • Capability inventory: The skill has Write permissions to create documentation files, which could be misused if the agent were influenced by malicious instructions in the analyzed files.
  • Sanitization: No explicit sanitization of content read from the user codebase is mentioned in the instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 05:18 PM
Security Audit — agent-trust-hub — app-planner