intent-build-now
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes content from local files like INTENT.md and plan.md to drive the build and test process, creating an attack surface where malicious instructions in project docs could influence agent behavior.
- [Command Execution] (LOW): The workflow requires the agent to run shell commands such as 'pnpm test' and 'git commit'. While these are high-privilege operations, they are necessary for the skill's stated purpose as a build tool.
- [Dynamic Execution] (LOW): The agent is instructed to write implementation code and immediately execute tests against it. This runtime code generation and execution is a core feature of the TDD loop described in the skill.
Audit Metadata