kata-insert-phase
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes bash scripts for argument validation, file checking, and slug generation. It includes logic to sanitize user-provided descriptions via
trandsedbefore creating directories, preventing basic command injection and path traversal. - [EXTERNAL_DOWNLOADS] (SAFE): The skill references a local script in a sibling directory (
../kata-doctor/scripts/check-roadmap-format.sh) and triggers another internal skill (kata-doctor). These are standard inter-component communications within a trusted local project environment rather than downloads from untrusted remote sources.
Audit Metadata