yagni
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a real-time code analysis surface via PreToolUse hooks. While processing user-supplied code introduces a surface for indirect prompt injection (Category 8), this is a functional requirement for its role as a linter. No malicious exploitation or bypass instructions were found. Ingestion: Code file content in Write and Edit tool calls. Boundary markers: None. Capabilities: Integrated memory services for project history (contextd). Sanitization: None.
- [SAFE]: No hardcoded credentials, unauthorized network calls, or suspicious external dependencies were detected. The skill uses a local configuration file (.claude/yagni.local.md) and provides administrative commands to the user to manage sensitivity and whitelisting.
Audit Metadata