project-stage-detect
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified in the skill's logic or workflow.
- [COMMAND_EXECUTION]: The skill requests access to the Bash tool to perform routine file system operations, such as counting source files and estimating line counts. These actions are transparently documented as part of the project metrics analysis and are restricted to the local environment.
- [PROMPT_INJECTION]: The skill is subject to an indirect prompt injection surface because it processes untrusted data from project files (e.g., source code, design documents). This is a known risk for analysis-oriented skills, but it is mitigated by a mandatory collaborative protocol requiring user authorization for any file-writing actions. Ingestion points: project files scanned via Glob and Read in the design/, src/, production/, prototypes/, docs/, and tests/ directories. Boundary markers: absent. Capability inventory: Read, Glob, Grep, and Bash tools. Sanitization: none.
Audit Metadata