phase-enforcement
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute standard development environment commands, including
npm test,npm run build,npm run lint, andnpm audit, to verify that code meets the requirements for passing development gates. - [DATA_EXFILTRATION]: The skill records methodology state and user feedback in local files within the
.aid/directory and the user's home directory (~/.aid/feedback/). No unauthorized network transmission or access to sensitive credentials was identified. - [PROMPT_INJECTION]: The skill employs strong instructional language to enforce methodology compliance, such as mandatory refusal of out-of-phase work. It also processes user-defined documentation which presents a surface for indirect prompt injection, but the risk is mitigated by the structured review process and the absence of high-risk automated actions based on that content.
- [SAFE]: The skill's primary function is structural enforcement and documentation management. It does not download external code, attempt to escalate privileges, or establish persistence on the host system.
Audit Metadata