doubt-driven-development
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides guidelines for the agent to execute shell commands using external tools (e.g., `gemini`, `codex`). It incorporates robust security practices by requiring the agent to confirm every command with the user, check for binary presence via `which`, and prevent shell injection by writing content to temporary files and using stdin pipes instead of command-line arguments.
- [SAFE]: The instructions demonstrate a defensive posture against indirect prompt injection. The skill explicitly warns that input artifacts or contracts may contain malicious instructions and recommends the use of read-only sandboxes to protect the local environment during cross-model reviews.
Audit Metadata