verification-before-completion
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill references local verification tools (e.g., scripts/run-tests) as part of a standard development workflow. These are intended for local execution within the agent's environment and do not involve downloading or executing untrusted remote code.
- PROMPT_INJECTION (SAFE): Directive language (e.g., 'The Iron Law') is used to enforce agent integrity and honesty regarding work status rather than to subvert safety filters or override system constraints.
- DATA_EXFILTRATION (SAFE): No evidence of unauthorized data access, sensitive path traversal, or external transmission was found.
- INDIRECT_PROMPT_INJECTION (SAFE): The skill explicitly addresses the risk of trusting unverified data (e.g., 'Agent reports success') by requiring independent verification (VCS diffs, test outputs), effectively serving as a security control against misinformation.
Audit Metadata