easysdd-learning
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a local utility script
python easysdd/tools/search-yaml.pyto query and filter document metadata. This is used for finding existing documents and preventing duplicates, representing a legitimate functional dependency within the project's own tools.\n- [INDIRECT_PROMPT_INJECTION]: The skill processes existing documentation from the local directory to update or supersede entries, creating a surface for potential indirect instructions to enter the agent's context.\n - Ingestion points: Reads existing markdown documents from the
easysdd/compound/directory during Phase 1.5.\n - Boundary markers: No specific delimiters or instructions to ignore embedded instructions are defined for the reading phase.\n
- Capability inventory: The skill's primary capability is writing markdown files to the local
easysdd/compound/directory.\n - Sanitization: No explicit sanitization or validation of the ingested document content is described.\n- [DATA_EXFILTRATION]: No network activity, exfiltration patterns, or access to sensitive system directories (e.g., credentials, SSH keys) were identified. The skill's operations are restricted to the local project structure.\n- [SAFE]: The skill incorporates human-in-the-loop checkpoints, requiring the user to review drafts before they are written to disk and to approve modifications to project entry points rather than performing these actions autonomously.
Audit Metadata