sdd-riper-one

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a highly structured development workflow (SDD-RIPER) that emphasizes 'No Spec, No Code' and human approval gates, which serves as a functional guardrail rather than a safety bypass.
  • [COMMAND_EXECUTION]: The skill utilizes a local Python script (scripts/archive_builder.py) for processing markdown documentation. Analysis of the script confirms it only performs text parsing and local file I/O using standard libraries, with no unauthorized system commands or network activity.
  • [DATA_EXPOSURE]: The skill accesses local project metadata (such as package.json, go.mod, and log files) to build development context and perform debugging analysis. This behavior is transparent and consistent with the skill's stated purpose of assisting in software development.
  • [PROMPT_INJECTION]: While the protocol uses strong language (e.g., 'ZERO TRUST MODE', 'CRITICAL WARNING'), these instructions are intended to constrain the agent to a reliable workflow and do not attempt to override the underlying model's safety filters or ethical guidelines.
  • [INDIRECT_PROMPT_INJECTION]: The skill includes ingestion points for untrusted data, such as reading log files in debug mode and scanning directories in build_context_bundle. However, the 'Plan Approved' gate and structured review phases (RIPER) provide significant mitigation against accidental execution of instructions embedded in processed data.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 16, 2026, 03:21 AM