skills/cristoslc/swain/governance/Gen Agent Trust Hub

governance

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill performs persistent instruction injection by modifying project context files (CLAUDE.md or .cursor/rules/swain-governance.mdc). These injected instructions are designed to override the agent's default operational logic:
      • They mandate that the agent must "ALWAYS" use the spec-management skill for documentation and "do not improvise artifact creation."
      • They explicitly forbid the use of "built-in agent todos" or "markdown TODOs," forcing the agent to use the execution-tracking skill and an external tool called bd (beads) instead.
      • The instructions use high-authority markers like "MANDATORY" and "do not edit this block manually" to ensure compliance and persistence.
  • [COMMAND_EXECUTION]: The skill uses the bash tool to execute grep, checking for the existence of governance strings in the project root to determine if installation is required.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 7, 2026, 04:37 PM