fusion-rules
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates as a scaffolding tool for documentation and IDE configuration. It does not request elevated privileges, execute external scripts, or access sensitive personal information like SSH keys or environment secrets.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it scans potentially untrusted repository data (README files, ADRs, and configuration files) to generate rule drafts. This is an inherent risk of its primary function, which is mitigated by safety constraints and a human-in-the-loop workflow.
- Ingestion points: Step 2 workflow in
agents/claude-code.agent.md,agents/copilot.agent.md, andagents/cursor.agent.mdwhere it scans project documentation. - Boundary markers: The skill instructions do not specify technical delimiters for external data, relying instead on the draft/review cycle.
- Capability inventory: File creation and modification within the repository structure (specifically
.github/,.cursor/, and.claude/directories). - Sanitization: The workflow includes mandatory validation of glob patterns and a quality gate that prevents the invention of undocumented conventions without developer confirmation.
Audit Metadata