Skills
skills/sanxzy/skills/lets-heavy-discussion/Gen Agent Trust Hub

lets-heavy-discussion

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill manages a decision tree locally within the .plans/discussion/ directory. It uses standard local search tools (Grep, Glob) to gather context and does not utilize the network or external dependencies.\n- [COMMAND_EXECUTION]: The skill creates and updates its own state files (STATE.md, TRANSCRIPT.md, FINAL.md) and can modify .gitignore at the user's request. These operations are transparently documented and limited to the skill's stated purpose.\n- [PROMPT_INJECTION]: An indirect prompt injection surface exists because the skill reads content from the local repository to answer questions.\n
  • Ingestion points: Repository files accessed via Read, Grep, and Glob tools.\n
  • Boundary markers: Absent.\n
  • Capability inventory: Local file system writes to .plans/ and .gitignore, and user interaction via AskUserQuestion.\n
  • Sanitization: None identified for processed file content.
Audit Metadata
Risk Level
SAFE
Analyzed
May 17, 2026, 11:38 PM
Security Audit — agent-trust-hub — lets-heavy-discussion