readiness-report
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [Command Execution] (SAFE): The skill executes internal Python scripts (scripts/analyze_repo.py and scripts/generate_report.py) to gather repository signals. These actions are transparent and necessary for the skill's primary function of generating a readiness report.
- [Indirect Prompt Injection] (LOW): The skill scans external repository content, including documentation files like README.md and AGENTS.md. This represents a surface for indirect prompt injection if a processed repository contains malicious instructions. However, this is a common risk for repository analysis tools and is mitigated by the agent's core safety filters.
  - Ingestion points: Files in the repository being analyzed via scripts/analyze_repo.py.
  - Boundary markers: None explicitly defined in the provided instructions.
  - Capability inventory: Execution of local Python scripts, scanning filesystem, and potentially writing files during 'Automated Remediation'.
  - Sanitization: Not explicitly described in the provided markdown files.
Audit Metadata