feature-dev
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- Command Execution (SAFE): The skill utilizes `bun run` commands for build, type-checking, and linting processes. These are standard operations within a modern development environment and do not pose a security risk in this context.
- Indirect Prompt Injection (SAFE): The skill ingests information from external files such as the documentation index, `AGENTS.md`, and repository instructions to establish context. While this creates a theoretical surface for indirect prompt injection, it is a functional requirement for a development-focused agent. Per the [TRUST-SCOPE-RULE], the severity is downgraded to SAFE as it is associated with the primary intended purpose.
  - Ingestion points: docs index, plan links, `AGENTS.md`, repo instructions.
  - Boundary markers: Absent in the instruction set.
  - Capability inventory: Repository exploration and file editing (Serena), UI pattern application (shadcn MCP), Database management and migrations (Supabase MCP).
  - Sanitization: No explicit sanitization or validation of the ingested documentation is mentioned.
Audit Metadata