policy-algebra
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill operates locally and follows a predictable execution flow. It does not perform network operations or access sensitive credentials.
- [COMMAND_EXECUTION]: The skill executes its internal logic via a TypeScript CLI tool to perform rule verification tasks.
  - Evidence: `pnpm exec tsx .claude/skills/policy-algebra/lib/cli.ts verify` is used for drift detection and canonicalization.
  - Context: This is an intended functionality for processing governance rules within the local environment.
- [PROMPT_INJECTION]: The skill processes untrusted input to generate rules, creating a surface for indirect prompt injection.
  - Ingestion points: User-provided intent strings and local file contents are used as input for drafting governance rules.
  - Boundary markers: Data is interpolated into the `/grill-me` skill's instructions within quotes to separate user intent from the agent's procedural instructions.
  - Capability inventory: The skill has the ability to read and write files and invoke other local skills like `/grill-me` and `/review-loop`.
  - Sanitization: No explicit filtering or sanitization of input data is performed, relying instead on the agent's internal safety filters and the review loop process.
Audit Metadata