gremlin
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a project manifest and guide for a local development environment. It defines repository structures, architectural decisions (ADRs), and standard development practices without introducing malicious instructions.
- [COMMAND_EXECUTION]: The skill lists standard lifecycle commands using the
pnpmpackage manager (e.g.,pnpm install,pnpm build,pnpm dev). These are expected operations for a JavaScript/TypeScript monorepo and do not involve arbitrary or unsafe command injection. - [DATA_EXPOSURE]: The configuration includes absolute local file paths (e.g.,
/Users/joel/Code/badass-courses/gremlin) and a Vercel team identifier. These are used to provide the agent with environment-specific context and do not represent a leak of sensitive credentials or secrets.
Audit Metadata