Skills
skills/sirn/dotfiles/code-plan/Gen Agent Trust Hub

code-plan

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the jj diff command to inspect local code changes, which is a standard operation for its development-oriented purpose.
  • [EXTERNAL_DOWNLOADS]: It utilizes WebSearch and WebFetch to retrieve external documentation and best practices, facilitating research-backed planning.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection from processed data. 1. Ingestion points: Source code analyzed via jj diff and external data from WebSearch and WebFetch. 2. Boundary markers: No explicit delimiters or instructions are used to separate untrusted data from the agent prompt. 3. Capability inventory: Local command execution (jj diff), network access (WebFetch), and task delegation (spawning sub-agents). 4. Sanitization: No explicit sanitization or filtering of ingested content is performed.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 18, 2026, 11:49 AM
Security Audit — agent-trust-hub — code-plan