fusion-rule-author
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a template and workflow provider for generating configuration files. It does not contain executable code or scripts.
- [COMMAND_EXECUTION]: The skill's workflow includes writing configuration files to the local repository (Step 7). This is a core part of its intended functionality and includes a mandatory developer review and approval step (Step 6) to mitigate risks.
- [DATA_EXFILTRATION]: While the skill instructs the agent to scan repository files (e.g., package.json, CI workflows) to extract coding conventions, it does not perform any network operations to send this data externally.
- [CREDENTIALS_UNSAFE]: The skill includes explicit safety instructions for the agent to never embed secrets, tokens, or credentials in the generated rule files.
Audit Metadata