development-planning-writer
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted data from external websites during its research phase (Step 5, 04-source-log.md) and incorporates this information into generated planning documents. This creates a surface for indirect prompt injection, where malicious instructions on a searched webpage could attempt to influence the agent's behavior. The skill lacks explicit boundary markers or sanitization for this interpolated data, although the risk is mitigated by the absence of high-privilege capabilities such as arbitrary code execution or access to sensitive local files.
- [NO_CODE]: The skill consists entirely of markdown instructions and reference templates. It does not contain any executable scripts, binaries, or automated code snippets.
- [SAFE]: All external URL references point to official Chinese government domains (e.g., ndrc.gov.cn, gov.cn, sz.gov.cn), which are appropriate and recognized sources for the skill's intended purpose.
Audit Metadata