app-planner
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill exhibits an indirect prompt injection attack surface as it is designed to read and analyze untrusted user codebase files using tools like
GlobandGrep. This is necessary for its primary purpose of auditing existing applications. - Ingestion points: The skill uses
GlobandGrepin the 'Analysis Process for Existing Apps' section ofSKILL.mdto discover project structure and evaluate code quality. - Boundary markers: The instructions do not currently include explicit boundary markers or warnings for the agent to ignore instructions embedded within the analyzed code.
- Capability inventory: The skill has
Writepermissions to create documentation files, which could be misused if the agent were influenced by malicious instructions in the analyzed files. - Sanitization: No explicit sanitization of content read from the user codebase is mentioned in the instructions.
Audit Metadata