verification-before-completion
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [SAFE] (SAFE): The skill consists entirely of instructional markdown content and does not include any executable scripts, binaries, or configuration files.
- [COMMAND_EXECUTION] (INFO): The instructions mandate the execution of verification commands (e.g., test suites, linters, build systems). While this utilizes the agent's command execution capability, it is done within the context of functional verification and does not specify malicious or hardcoded commands.
- [PROMPT_INJECTION] (SAFE): No attempts to override system prompts or bypass safety filters were detected. The skill actually imposes additional behavioral constraints ('Iron Laws') on the agent to ensure honesty and evidence-based reporting.
- [DATA_EXFILTRATION] (SAFE): No sensitive file paths, hardcoded credentials, or unauthorized network operations were found in the instructions.
- [INDIRECT_PROMPT_INJECTION] (INFO): The skill describes an ingestion surface where the agent must 'READ' command outputs and VCS diffs. This is a standard operational requirement for developer tools and the skill encourages a critical verification of these outputs rather than blind obedience.
Audit Metadata