jtbd
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local Python scripts (
ingest_transcript.py,mine_reviews.py,odi_score.py,validate_granularity.py,validate_outcome.py) to parse data and calculate metrics. These scripts use standard Python libraries and do not perform network requests or manipulate sensitive system files. - [SAFE]: The skill manages its data within a dedicated local directory structure (
~/jtbd/). It does not attempt to access credentials or other sensitive user directories. - [SAFE]: Repository references in the plugin configuration point to the author's official GitHub repository at
github.com/glebis/claude-skills, which is consistent with the skill's authorship. - [SAFE]: Indirect prompt injection risks are mitigated by using specialized processing scripts that extract specific data points from untrusted user inputs (transcripts and reviews) before they are introduced into the conversational context.
Audit Metadata