writing-plans
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted input in the form of specifications to generate implementation plans containing shell commands for testing and version control. This presents an indirect prompt injection vulnerability where malicious input could lead to the generation of harmful commands for subsequent execution agents.\n
- Ingestion points: Software specifications and requirements documents (SKILL.md).\n
- Boundary markers: The skill lacks explicit markers or instructions to isolate untrusted input from the agent's core instructions.\n
- Capability inventory: Generates plans with
bunandgitcommands; utilizesgh issue commentfor external communication.\n - Sanitization: No validation or sanitization of input requirements is specified.\n- [COMMAND_EXECUTION]: The skill utilizes the GitHub CLI (
gh) to automate the posting of plans as comments, which involves executing system commands and network interaction.
Audit Metadata