planner
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a standard utility for project organization and planning. It does not contain any malicious instructions, obfuscation techniques, or hidden triggers.
- [COMMAND_EXECUTION]: The skill instructs the agent to use the 'request_user_input' tool and standard file-saving mechanisms to manage the planning lifecycle. These tool uses are consistent with the skill's stated purpose of gathering requirements and delivering a plan file.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it researches codebase content ('Phase 0: Research' in SKILL.md). Evidence Chain: (1) Ingestion points: Codebase investigation in SKILL.md; (2) Boundary markers: Absent; (3) Capabilities: File writing and user interaction; (4) Sanitization: Absent. However, the risk is mitigated by the explicit constraint 'Do NOT implement
- only create the plan', which prevents the agent from executing commands found during the research phase.
Audit Metadata