dependency
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- General Security (SAFE): The skill documentation and metadata align with its stated purpose. No suspicious command execution, hardcoded credentials, or persistence mechanisms were detected.
- Indirect Prompt Injection (LOW): The skill processes external data (project work items and feature descriptions). While this represents an injection surface, the risk is mitigated by the skill's limited capability set, which is restricted to local file operations and lacks network access or arbitrary code execution.
- Data Privacy (SAFE): There are no indicators of data exfiltration. The allowed tools are used for local project analysis and documentation.
Audit Metadata