windsurf-upgrade-migration
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: Executes shell commands to automate the migration of IDE settings and extensions, such as
windsurf --install-extensionandcpfor settings files. - [DATA_EXFILTRATION]: Accesses local IDE configuration files (
settings.json,.cursorrules) to facilitate the migration process; there is no evidence of network transmission or external exfiltration of this data. - [PROMPT_INJECTION]: Provides a surface for indirect prompt injection by reading and processing workspace-level AI rule files (
.cursorrules,.windsurfrules). - Ingestion points: Reads contents of
.cursorrulesand.cursorignoreduring the migration script inSKILL.md. - Boundary markers: None present to delimit rule content from agent instructions.
- Capability inventory: Uses
Bashwithnpmandgitaccess. - Sanitization: None detected; files are copied directly.
- [DYNAMIC_CONTEXT_INJECTION]: Utilizes dynamic context injection (
!command) to check the current installation status and version ofwindsurfandcodeat load time. These commands are benign and used strictly for environment verification.
Audit Metadata