Skills
skills/khaki4/my_skills/bf-archive-sprint/Gen Agent Trust Hub

bf-archive-sprint

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a git commit command using variables such as {TICKET} in the commit message. This is a standard operational requirement for its intended archival purpose within a development workflow.- [INDIRECT_PROMPT_INJECTION]: The skill processes data from sprint-status.yaml and uses it to drive file operations and command parameters.
  • Ingestion points: Data is read from sprint-status.yaml and the existing directory structure (docs/stories/, docs/tech-specs/).
  • Boundary markers: No explicit boundary markers or instructions to ignore embedded commands in the source files are present.
  • Capability inventory: The skill performs file system moves, file writes (appending to CLAUDE.md), and system command execution (git commit).
  • Sanitization: No explicit validation of the {TICKET} variable or epic names is described before their use in file paths or shell commands.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 25, 2026, 08:22 AM