dev-wrapup
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes conversation history and existing documentation to identify improvement signals. While this represents a surface for indirect prompt injection, the risk is mitigated by a mandatory human-in-the-loop review step and explicit quality filters.\n
- Ingestion points: Conversation history and project documentation files (e.g., CLAUDE.md).\n
- Boundary markers: None explicitly defined for raw data, but the classification logic and user review step provide logical boundaries.\n
- Capability inventory: Uses Bash, Read, Write, and Edit tools to discover, analyze, and update files.\n
- Sanitization: Includes explicit privacy rules to strip secrets, credentials, and absolute paths before writing data.\n- [COMMAND_EXECUTION]: Executes a local discovery script (scripts/discover.sh) to locate the project root and scan for specific metadata directories. The script uses standard utilities and follows best practices for path safety.
Audit Metadata