local-dev
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes local shell scripts (dev-runner.sh, opik.sh) and industry-standard tools (docker, mvn, npm, lsof) for environment management. These actions are appropriate for the skill's stated purpose and are executed within the local development context.\n- [PROMPT_INJECTION]: The skill monitors local log files, which presents a surface for indirect prompt injection.\n
- Ingestion points: Log files located at /tmp/opik-backend.log and /tmp/opik-frontend.log.\n
- Boundary markers: None; the agent reads raw log content.\n
- Capability inventory: Ability to execute subprocesses for building code and managing local services.\n
- Sanitization: Not present; log content is not sanitized or validated before processing.
Audit Metadata