execute
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The instructions focus on task classification and execution routing. There are no patterns suggesting safety filter bypasses, instruction overrides, or system prompt extraction attempts.
- [DATA_EXFILTRATION]: The skill does not access sensitive directories (e.g., .ssh, .aws) or perform unauthorized network operations. Use of tools is limited to the local codebase context.
- [COMMAND_EXECUTION]: Shell access via the Bash tool is explicitly restricted to validation tasks such as typechecking, running tests, or building the project, which is standard behavior for development-oriented skills.
- [EXTERNAL_DOWNLOADS]: No external dependencies, remote scripts, or third-party package managers are utilized in the skill definition.
- [OBFUSCATION]: The content in both SKILL.md and SKILL.ko.md is presented in clear text. No Base64 encoding, zero-width characters, or hidden URL patterns were identified.
- [INDIRECT_PROMPT_INJECTION]: The skill acts as an execution engine that processes untrusted codebase data.
- Ingestion points: Local codebase files accessed via Read/Grep/Glob and user task descriptions in SKILL.md.
- Boundary markers: The skill requires the use of
sequential-thinkingto plan actions before execution, which serves as a cognitive boundary. - Capability inventory: File writing (Edit/Write) and shell command execution (Bash) are used for implementation and verification in SKILL.md.
- Sanitization: The skill relies on agent-led validation (test/build) rather than explicit data sanitization filters.
Audit Metadata