sdd-explore
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements the principle of least privilege by explicitly instructing the agent not to modify any existing code or files. Its filesystem interaction is strictly limited to creating a single analysis file ('exploration.md').
- [SAFE]: Data operations are performed using project-specific memory tools ('mem_search', 'mem_get_observation', 'mem_save'). These tools facilitate structured context management within the local environment and do not involve external data transmission.
- [SAFE]: While the skill processes untrusted data from the codebase (indirect prompt injection surface), the risk is minimized by the prohibition of code modification.
- Ingestion points: Codebase files during the investigation phase.
- Boundary markers: Not explicitly defined for the output analysis markdown.
- Capability inventory: Reading local files, writing to 'exploration.md', and calling memory storage tools.
- Sanitization: No specific sanitization of codebase content is mentioned before it is included in reports.
Audit Metadata