boss
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill makes extensive use of the `Bash` tool across several specialized sub-agents (Architect, Backend, Frontend, QA, DevOps). This is used for project initialization (via `scripts/init-project.sh`), running unit/integration/E2E tests, and deploying the resulting application (e.g., `npm run dev`, `docker-compose up`). These operations are consistent with the skill's primary purpose as a coding automation tool.
- [EXTERNAL_DOWNLOADS]: The PM and Architect agents utilize `WebSearch` and `WebFetch` tools to research technology trends, perform competitive analysis, and gather documentation. Additionally, the DevOps and QA agents use package managers like `npm`, `pnpm`, `pip`, and `cargo` to install necessary dependencies for the project being developed. These downloads are directed at standard registries and requested technology documentation.
- [REMOTE_CODE_EXECUTION]: While the sub-agents execute code as part of the development and testing process, the execution is limited to the project's own environment and dependencies. The skill includes a testing gate (`references/quality-gate.md`) that requires passing automated tests before proceeding to deployment, which serves as a safety mechanism.
- [PROMPT_INJECTION]: There is a potential for indirect prompt injection as the skill ingests untrusted data from the web (via `WebFetch`) or from existing codebases. The sub-agents are instructed to follow strict roles and templates, which provides a layer of structural defense, but the risk remains inherent to any agent processing external content.
Audit Metadata