ace-shaping
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides Python scripts (`scripts/build.py`, `scripts/engine.py`) for assembling documentation and scaffolding new skill structures. These scripts use standard library functions like `pathlib` and `json` to read and write markdown and configuration files within the local workspace.
- [EXTERNAL_DOWNLOADS]: The skill declares a dependency on the well-known `pydantic` Python library for configuration validation. This is a standard practice and follows secure coding conventions for type safety.
- [PROMPT_INJECTION]: The `AGENTS.md` and `content/` files contain instructional logic that guides the AI agent's workflow (e.g., 'Strategy Phase first', 'Work in slices'). These are standard operational guardrails to ensure the agent follows the methodology and do not attempt to bypass core system safety filters.
- [DATA_EXFILTRATION]: No network-enabled operations or sensitive file access patterns were detected. The skill's operations are confined to the defined workspace and engine directories.
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to process 'source material' (user-provided requirements) into structured models.
  - Ingestion points: The agent reads user-provided text or markdown files specified in the `context_paths`.
  - Boundary markers: The instructions do not explicitly specify boundary markers for untrusted input, though the process involves iterative human review of each slice.
  - Capability inventory: The skill can write markdown files and directory structures to the local disk via its associated scripts (`engine.py`).
  - Sanitization: There is no explicit sanitization of input text before it is processed by the LLM for domain modeling.
Audit Metadata