generate-complete-plan

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a bundled TypeScript CLI tool (generate-complete-plan-state.ts) using npx tsx to manage a persistent state file (STATE.md).
  • [PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection because it reads untrusted requirement documents and processes them in the agent context.
      • Ingestion points: Reads content from .plans/<feature>/prd.md and .plans/discussion/<feature>/FINAL.md.
      • Boundary markers: Absent; the instructions do not specify delimiters or warn the agent to ignore instructions embedded within the PRD files.
      • Capability inventory: The skill can perform file system writes and execute a local CLI tool.
      • Sanitization: None; requirements from the PRD are used directly to generate the implementation plan and acceptance criteria.
Audit Metadata
Risk Level: SAFE
Analyzed: May 18, 2026, 09:37 AM