planning-workflows
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted user-provided requirements to generate documentation and implementation plans, creating a potential surface for indirect prompt injection.\n
- Ingestion points: User requirements entering the workflow as described in
references/source-commands.md.\n - Boundary markers: No explicit delimiters or boundary markers for isolating user-supplied requirement text were found.\n
- Capability inventory: The skill utilizes the
interactiveDialogtool and performs file system writes to thespecs/directory.\n - Sanitization: No sanitization or validation mechanisms for user-provided text are implemented in the logic.
Audit Metadata