kata-remove-phase
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands including 'find', 'rm -rf', 'mv', and 'git' to reorganize project directories and commit changes. These operations are essential for the skill's purpose and are constrained to the local project environment.
- [EXTERNAL_DOWNLOADS]: References and executes scripts from sibling directories (e.g., '../kata-doctor/scripts/'). These are identified as trusted resources within the same author's tool ecosystem.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface due to the processing of external project files.
  - Ingestion points: .planning/ROADMAP.md and .planning/STATE.md.
  - Boundary markers: None present in the logic used to read or parse the roadmap files.
  - Capability inventory: File system modification (rm -rf, mv) and version control operations (git commit).
  - Sanitization: Phase names extracted from ROADMAP.md are used directly in git commit messages and directory names without sanitization, which could lead to command injection if the roadmap file contains malicious content.
Audit Metadata