blueprint-promote
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's operations are confined to the project's internal configuration directory (
.claude/). It does not access sensitive system paths or credentials.\n- [COMMAND_EXECUTION]: The skill uses the Bash tool for a simple existence check (test -f) to verify rule files before processing. This is a standard check that does not involve privileged commands or dangerous shell operations.\n- [SAFE]: A user confirmation step (AskUserQuestion) is implemented before the manifest is updated, ensuring that modifications are transparent and authorized by the user.\n- [SAFE]: No evidence of prompt injection, data exfiltration, obfuscation, or remote code execution was found. The skill's functionality is consistent with its stated purpose of artifact preservation.
Audit Metadata