verification-before-completion
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The skill uses strong, imperative language such as 'The Iron Law' and 'Non-negotiable.' However, these instructions are aimed at preventing the agent from prematurely claiming success, which enhances task integrity rather than bypassing safety protocols.
- [Remote Code Execution] (SAFE): No remote scripts, package installations (npm/pip), or external URLs are present in the skill.
- [Data Exposure & Exfiltration] (SAFE): The skill does not access sensitive local files or perform any network requests to external domains.
- [Indirect Prompt Injection] (LOW): While the skill encourages the agent to read external data (test outputs, VCS diffs), which is a potential injection surface, the skill itself provides no mechanisms to execute instructions found within that data. It serves as a meta-instruction for accuracy.
Audit Metadata