execution-guardian
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes command-line tools including uv, pnpm, git, and alembic to execute tests, check system status, and manage database migrations during safety validation gates.
- [EXTERNAL_DOWNLOADS]: The skill references package managers like pnpm and uv for tasks such as audit checks and dry-run installations, which involves interacting with external package registries.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it analyzes external code diffs and operation descriptions to generate risk scores and suggested fixes.
  - Ingestion points: Analysis of code diffs and proposed operation text in SKILL.md.
  - Boundary markers: Absent; no explicit delimiters are defined to separate untrusted data from processing instructions.
  - Capability inventory: Execution of subprocess commands (uv, pnpm, git, alembic) and an automated self-healing mechanism that applies suggested fixes.
  - Sanitization: No validation or sanitization of the generated 'FIX' string is specified before automatic execution in low-risk scenarios.