vibecoder-guide
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious patterns or security risks identified.
- [COMMAND_EXECUTION] (SAFE): The skill contains no scripts, shell commands, or subprocess calls.
- [EXTERNAL_DOWNLOADS] (SAFE): There are no references to external URLs, package managers, or remote script execution.
- [DATA_EXFILTRATION] (SAFE): No network-capable tools are requested. The 'allowed-tools' list is restricted to 'Read', and no sensitive file paths are accessed.
- [PROMPT_INJECTION] (SAFE): No instructions attempting to bypass safety filters or override agent behavior were found. The trigger phrases and logic are intended for user assistance.
- [INDIRECT_PROMPT_INJECTION] (LOW): While the skill reads project files ('AGENTS.md', 'Plans.md') which could potentially contain untrusted data, the skill's logic is limited to state analysis and providing template-based guidance. The 'Read' capability alone poses minimal risk in this context.
Audit Metadata