bb-checklist
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE]: The skill accesses project-specific files such as spec.md, plan.md, and tasks.md within a user-defined FEATURE_DIR. This is consistent with its stated purpose of analyzing requirements.
- [COMMAND_EXECUTION]: The instructions include a note on shell escaping for arguments (e.g., handling single quotes), which is a best practice for preventing command injection in environments where these arguments might be passed to a shell, rather than a malicious pattern.
- [INDIRECT_PROMPT_INJECTION]: The skill processes external data from project files which could theoretically contain malicious instructions.
  - Ingestion points: Reads spec.md, plan.md, and tasks.md from the local filesystem.
  - Boundary markers: None explicitly defined for the ingested text.
  - Capability inventory: Limited to reading files and writing markdown checklists to the FEATURE_DIR/checklists/ directory.
  - Sanitization: No specific sanitization logic is mentioned for the ingested text, though the skill is instructed to summarize content rather than output it raw.
Audit Metadata