plan-ceo-review

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to perform a system audit, running local commands such as git log, git diff, and find to establish context regarding the project's history and current state before proceeding with the review.
  • [PROMPT_INJECTION]: The skill ingests data from local project files (e.g., CLAUDE.md, TODOS.md, and source code), creating a surface for potential indirect prompt injection. This risk factor is considered acceptable as it is necessary for the skill's primary function of reviewing project context.
      • Ingestion points: Reads local project files including CLAUDE.md, TODOS.md, architecture documentation, and source files (.rb, .js).
      • Boundary markers: There are no specific delimiters or instructions provided to the agent to disregard instructions embedded within these files.
      • Capability inventory: The agent has access to Bash, Read, Grep, Glob, and AskUserQuestion tools.
      • Sanitization: No sanitization or filtering is performed on the content read from the ingested files.
  • [SAFE]: The skill includes a reference to a well-known public repository on GitHub (github.com/garrytan/gstack) for attribution and licensing, which is treated as a safe reference under standard practices.
Audit Metadata
Risk Level: SAFE
Analyzed: May 14, 2026, 09:47 PM