beads
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed as a productivity tool for managing complex task graphs. All identified behaviors align with its stated purpose of providing persistent memory for AI agents.
- [COMMAND_EXECUTION]: The skill utilizes a custom command-line interface, `bd`, to manage its internal SQLite and JSONL databases. These commands are tactical and restricted to issue management functions such as `create`, `update`, `list`, and `show`.
- [PROMPT_INJECTION]: The skill features a "Compaction Survival" mechanism (documented in `SKILL.md` and `references/WORKFLOWS.md`) where the agent is instructed to read `notes` and `description` fields from the issue database to reconstruct context after conversation history is deleted. While these fields are an ingestion point for external data that could technically contain indirect instructions, the skill handles them as trusted project metadata and provides clear guidelines on how the agent should structure and interpret this information.
- [EXTERNAL_DOWNLOADS]: The `bd sync` command facilitates synchronization of the issue tracker via standard Git operations (`pull` and `push`). This is the intended behavior for team-based or multi-device task tracking and does not involve downloading untrusted executable code.
Audit Metadata