governed-dev
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION] (SAFE): No instructions attempt to bypass safety filters or override agent constraints. The prompts focus on enforcing evidence-based verification and procedural rigor.
- [COMMAND_EXECUTION] (SAFE): Bash execution is strictly limited to a specific local directory (./scripts/claude/*), preventing the execution of arbitrary or malicious commands.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill configuration explicitly denies the use of network tools such as curl and wget, as well as alternative shells like PowerShell, mitigating the risk of unauthorized external communication or downloads.
- [DATA_EXFILTRATION] (SAFE): No hardcoded credentials, sensitive file path access, or exfiltration patterns were detected. Network access is disabled by policy.
- [INDIRECT_PROMPT_INJECTION] (SAFE): While the skill involves reading local files and artifacts, the restricted toolset and failure-handling logic minimize the risk of executing instructions embedded in data.
Audit Metadata