z-coding
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill follows established engineering practices and uses local resources for all operations. No evidence of obfuscation or data exfiltration was found.\n- [COMMAND_EXECUTION]: The skill instructs the agent to use the 'z-git' tool for repository management and branch lifecycle control, which is appropriate for a software development task.\n- [INDIRECT_PROMPT_INJECTION]: The skill has a potential surface for indirect prompt injection as it processes content from repository files.\n
- Ingestion points: docs/product/reviewed, docs/engineering/rules.md, and contract/ directories.\n
- Boundary markers: None explicitly used to isolate document content from instructions.\n
- Capability inventory: git branch creation, file modification, and subagent orchestration.\n
- Sanitization: The workflow incorporates mandatory human review of Pull Requests prior to code integration.
Audit Metadata