discovery
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified during the analysis of this skill.
- [COMMAND_EXECUTION]: The skill does not contain any shell commands or subprocess execution logic. It is purely instructional for guiding conversational flow.
- [EXTERNAL_DOWNLOADS]: No external scripts, packages, or remote resources are referenced or downloaded.
- [DATA_EXFILTRATION]: The skill does not perform any network operations. It specifies writing an artifact to a local project-specific directory (.planning/harness/), which is a standard workflow practice.
- [PROMPT_INJECTION]: The instructions are focused on legitimate discovery processes (WHO, WHAT, WHEN, WHY) and do not contain attempts to override safety filters or bypass system constraints.
Audit Metadata