team-project-management
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: A thorough analysis of the skill's code and documentation found no evidence of malicious intent or security vulnerabilities across all inspected threat categories.
- [COMMAND_EXECUTION]: The skill utilizes local bash scripts (
create-team-project.sh,resolve-dag.sh) to automate project management tasks. These scripts employjqwith the--argflag for safe data interpolation, effectively preventing command injection vulnerabilities. - [DATA_EXFILTRATION]: Communication with external storage is restricted to synchronizing project files with a MinIO backend using the official
mcutility. These operations are part of the intended functionality for team collaboration and use predefined storage paths. - [SAFE]: The system's dependency resolver parses the
plan.mdfile using structured regular expressions and processes the extracted data as immutable strings withinjq, mitigating risks from potentially malformed or adversarial task descriptions.
Audit Metadata