ratchet
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the "ao" CLI and standard Unix utilities ("cat", "echo", "tail") to manage and report on the state of a development workflow. These commands are restricted to local operations within the project directory.
- [PROMPT_INJECTION]: The skill reads workflow state from ".agents/ao/chain.jsonl", creating a potential surface for indirect prompt injection if the file content is externally influenced.
- Ingestion points: ".agents/ao/chain.jsonl"
- Boundary markers: Absent
- Capability inventory: Local shell command execution ("ao", "cat", "echo")
- Sanitization: Absent; relies on local file integrity
Audit Metadata