Skills
skills/cristoslc/swain/swain-status/Gen Agent Trust Hub

swain-status

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE
Full Analysis
  • [DYNAMIC_EXECUTION]: The skill uses the find command to locate and execute its own scripts and scripts from related skills within the project structure. This logic is confined to the project's repository and agent skill directories.
  • [EXTERNAL_DOWNLOADS]: Communicates with GitHub's official API via the gh CLI to fetch issue tracking data. This is used solely for project status reporting and targets a well-known, trusted service.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes data from GitHub issues and local artifact files.
  • Ingestion points: GitHub API output (via gh CLI) and specgraph JSON cache.
  • Boundary markers: Data is formatted into markdown tables; relies on agent's internal safety guidelines for processing untrusted strings.
  • Capability inventory: Execution of local bash and python scripts.
  • Sanitization: Uses jq to handle JSON data and ensure string integrity.
  • [COMMAND_EXECUTION]: Runs local scripts and standard system utilities like git, python3, jq, and gh to aggregate project metadata.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 17, 2026, 02:18 AM