core-posture

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires the agent to execute shell commands, specifically git log, to analyze project history and development idioms during the onboarding phase.
  • [PROMPT_INJECTION]: Employs role-play techniques ('Principal Consultant') and behavioral directives that instruct the agent to 'HALT' and prioritize the provided engineering standards over user requests in case of conflict.
  • [SAFE]: The skill actively mandates security and reliability practices, such as masking PII in logs, validating environment variables using schemas (Zod), and preventing SQL injection by requiring parameter binding in database queries.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface due to its requirement to process untrusted codebase data.
    • Ingestion points: The agent analyzes codebase files and git history during the 'Era Discovery' and 'Substrate Audit' phases (SKILL.md).
    • Boundary markers: Uses a rule of precedence that anchors all decisions in the 'Dossier' and 'Canon' (references/08-principal-mindset.md).
    • Capability inventory: The skill has access to shell execution for git commands and standard file read/write operations (SKILL.md).
    • Sanitization: Proactively recommends schema-based validation for external data and environment variables (references/09-calibration-diffs.md).
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 29, 2026, 12:10 PM