Skills
skills/satone7/skills/aitc-workflow-plan/Gen Agent Trust Hub

aitc-workflow-plan

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes Git commands, specifically 'git add' and 'git commit', to manage the lifecycle of planning documents and task directories. These operations are transparently described and serve the intended purpose of the workflow.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it reads and interprets external data that could be attacker-controlled.
  • Ingestion points: The skill reads project context from the 'CLAUDE.md' file in step 1.1.
  • Boundary markers: None identified; the skill does not use specific delimiters or 'ignore' instructions when reading the project file.
  • Capability inventory: The skill is capable of writing to the local file system, executing shell commands, and invoking other agent skills.
  • Sanitization: The skill does not implement sanitization or validation for the content read from external files before it is processed by the AI model.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 08:52 AM