setup
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a hardcoded bash command string to detect the project environment. It checks for the existence of common files such as Gemfile, tsconfig.json, and package.json to identify the programming language or framework. This is a safe, local-only operation with no external data or user input interpolated into the command shell.
- [DATA_EXPOSURE]: The skill reads from and writes to a specific project-local file named 'compound-engineering.local.md'. These file operations are restricted to the local working directory and do not access sensitive system files, environment variables, or hardcoded credentials.
- [EXTERNAL_DOWNLOADS]: No network requests, remote script fetches, or external package installations were identified in the skill code.
Audit Metadata