retrospective
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill facilitates legitimate development workflows by guiding structured team retrospectives (e.g., Start-Stop-Continue, Starfish) and generating markdown reports.
- [COMMAND_EXECUTION]: The documentation mentions the use of standard development tools like
gitandgh(GitHub CLI) to gather objective project data. These commands are used for read-only operations consistent with the skill's primary purpose. - [DATA_EXFILTRATION]: There are no indicators of sensitive data exfiltration. The skill reads local repository metadata and writes reports to a local
docs/retrospectives/directory, maintaining data within the local environment. - [EXTERNAL_DOWNLOADS]: The skill does not perform any external downloads of executable scripts or third-party packages. It relies on pre-existing system tools and project documentation.
- [PROMPT_INJECTION]: The skill defines a structured workflow that limits the impact of potentially malicious content found in ingested commit messages or issue descriptions. No explicit injection patterns or bypass instructions were detected.
Audit Metadata