guide-recap
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs text transformation on local project documentation. All operations are confined to the local filesystem and the agent's output context.- [DATA_EXPOSURE]: No sensitive data exposure detected. The skill only accesses public-facing project files such as CHANGELOG.md and README.md.- [COMMAND_EXECUTION]: The skill does not execute system commands or invoke shell processes. Its functionality is strictly limited to text parsing and generation.- [EXTERNAL_DOWNLOADS]: No external dependencies, packages, or remote scripts are downloaded or executed by this skill.- [INDIRECT_PROMPT_INJECTION]: While the skill ingests content from CHANGELOG.md (an untrusted data source), the risk is mitigated by its limited capabilities. The agent only generates text outputs and writes them to a specific project subdirectory ([project-docs]/social-posts/), preventing arbitrary code execution or system modification.
Audit Metadata