maintain-project-rules
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill uses
git rev-parse --show-toplevelto resolve the project root. This is a standard, non-privileged command used for local path resolution in development environments. - [DATA_EXPOSURE] (SAFE): File access is restricted to the
.cursor/rules/directory and project documentation (doc/rules.md). No sensitive files (e.g., SSH keys, AWS credentials) are accessed or exposed. - [INDIRECT_PROMPT_INJECTION] (SAFE): The skill processes untrusted
.mdcfiles. Ingestion points:.cursor/rules/directory. Boundary markers: None explicitly defined. Capability inventory: File system read/write, path resolution via git. Sanitization: The skill performs structural audits (line counts, frontmatter checks) rather than executing rule content, which effectively mitigates injection risks during the audit process. - [EXTERNAL_DOWNLOADS] (SAFE): No external packages or remote scripts are downloaded or executed; the skill relies entirely on its internal logic and existing local tools.
Audit Metadata