write-blueprint
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified within the skill's instructions or supporting reference files.
- [COMMAND_EXECUTION]: The skill automatically detects project tooling by scanning configuration files like
pyproject.toml,package.json, andCargo.toml. It suggests standard development commands (e.g.,pytest,npm test,ruff check) for inclusion in the implementation plan's verification phase. These commands are presented to the user for confirmation before being finalized. - [DATA_EXPOSURE]: The skill performs broad read operations across the local project directory to understand architecture, entry points, and configuration. This data is used solely to generate the implementation plan and is not transmitted to external domains.
- [PROMPT_INJECTION]: The skill is designed to handle untrusted data (user requests and codebase content) through a structured workflow. It includes 'hard gates' for tool confirmation and requirement clarification, and utilizes a subagent for adversarial review of the final plan. This design provides significant mitigation against accidental or intentional manipulation by external inputs.
Audit Metadata