sparv
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Workflow Management (SAFE): The skill implements a 'Specify-Plan-Act-Review-Vault' workflow using localized bash scripts and a state machine stored in
.sparv/. All file operations are restricted to the project root and the.sparvdirectory. - Security Tooling (SAFE): The
check-ehrb.shscript is a proactive safety feature that scans git diffs and file contents for high-risk patterns such as production credentials, PII, destructive commands (e.g.,rm -rf), and billing APIs, requiring explicit user confirmation before proceeding. - Command Execution (SAFE): While the skill executes local bash scripts via hooks (defined in
hooks/hooks.json), these scripts are part of the skill's own package and perform routine tasks like session archiving, progress saving, and failure tracking. No remote code execution or suspicious subprocess spawning was detected. - Indirect Prompt Injection (LOW): The skill ingests untrusted data from the codebase and git diffs via
check-ehrb.sh. However, this data is only used for keyword matching (grepping) and writing status flags to a YAML file, presenting a minimal risk surface. Boundary markers for external data are absent, but the capabilities associated with the ingestion point are non-executable.
Audit Metadata