format-lint-assistant
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill uses 'make format' and 'make lint' to automate project maintenance tasks. These are standard local commands in software development and are used for their intended purpose.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill instructs the agent to use 'uv add --dev' to manage development dependencies such as type stubs. This involves downloading packages from standard registries, which is a common and safe practice in a development context.
- [SAFE] (SAFE): No evidence of prompt injection, data exfiltration, or obfuscation was found. The skill's instructions are clear, transparent, and align with its stated purpose.
- [SAFE] (SAFE): Indirect Prompt Injection Risk Assessment: 1. Ingestion points: Output from 'make lint' and mypy errors. 2. Boundary markers: Absent. 3. Capability inventory: Local command execution via 'make' and 'uv'. 4. Sanitization: None. The risk is evaluated as safe as the skill operates within a standard development environment on expected tool outputs.
Audit Metadata