guide-recap

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill performs authorized local file system operations, specifically reading the project's CHANGELOG.md file and writing social media drafts to a project-docs/social-posts/ directory. These actions are consistent with the documented functionality.
  • [PROMPT_INJECTION]: The skill instructions do not contain any patterns for overriding system behavior or bypassing safety filters. While the skill possesses an indirect injection surface by ingesting data from the local CHANGELOG.md (Ingestion Point: Step 2), the risk is mitigated by a highly structured processing workflow. The workflow extracts specific sections, applies scoring algorithms, and populates predefined templates, which prevents the interpretation of changelog text as instructions. Boundary markers are provided by the template structure, and capabilities are limited to local file I/O with no sanitization required for its intended use.
  • [DATA_EXFILTRATION]: No network-related commands (curl, wget, etc.) or hardcoded secrets were detected. All data processing and storage occur within the local project environment.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 1, 2026, 01:07 AM