suggest
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious behavior or high-risk patterns were identified. The skill's operations, including codebase analysis and task tracker integration, are consistent with its stated purpose.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes external content from the codebase and task managers.
  - Ingestion points: .arc/log.md, Linear issues, TaskList, codebase content (TODOs/FIXMEs), and docs/vision.md.
  - Boundary markers: None identified in the workflow to separate ingested data from instructions.
  - Capability inventory: Spawns sub-agents for exploration and research, interacts with MCP tools for Linear integration, and recommends CLI commands for user execution.
  - Sanitization: No explicit sanitization or validation of codebase or task content is documented in the workflow.
Audit Metadata