project-charter
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use
git config --get remote.origin.urlto derive a project slug. This is a standard, read-only development operation used to suggest relevant metadata for the document. - [DATA_EXFILTRATION]: The workflow involves writing project documentation to the local
docs/requirements/directory. This process is governed by a strict requirement for user confirmation before any disk operations occur, preventing unauthorized data leakage. - [PROMPT_INJECTION]: The instructions include a structured 'Four-Beat Rhythm' (Orient, Work, Present, Approval) and explicit boundary markers such as
<HARD-GATE>. These mechanisms ensure that the agent remains focused on incremental drafting and cannot be manipulated into generating bulk content or performing actions without oversight.
Audit Metadata