ce-compound-refresh
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes local
gitcommands for branching, committing, and pull requests to manage documentation lifecycle. - [COMMAND_EXECUTION]: Runs a local Python script (
scripts/validate-frontmatter.py) for automated metadata validation. - [PROMPT_INJECTION]: Represents an indirect prompt injection surface as it modifies documentation and instruction files (
AGENTS.md,CLAUDE.md) that influence future agent behavior. Ingestion points include markdown files and instruction metadata. Boundary markers are enforced by requiring codebase-backed evidence. Capabilities include file writes, deletions, and git operations. Sanitization is performed via a metadata validator.
Audit Metadata