agent-workflow
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed to enhance security through a strict three-phase workflow (Plan, Implement, Review). It explicitly prohibits unauthorized remote operations such as 'git push' or cloud deployment commands, ensuring all modifications remain local until manually approved.
- [COMMAND_EXECUTION]: The workflow involves local execution of version control (git) and read-only GitHub CLI commands ('gh repo view', 'gh api' GET requests). These are standard development operations and are governed by the skill's mandatory audit requirements and local verification gates.
- [EXTERNAL_DOWNLOADS]: The skill references dependency verification as part of a QA process. This typically involves standard package managers (npm, pip) to ensure project consistency and does not involve downloading or executing code from untrusted remote sources.
Audit Metadata