beo-compound

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's functionality is limited to managing internal project documentation and state. No unauthorized network access, sensitive data exposure, or malicious code execution patterns were found.
  • [PROMPT_INJECTION]: The skill reads data from potentially untrusted sources like REVIEW.md and feature artifacts to generate learning records. While this constitutes an indirect prompt injection surface, it is a core part of the intended functionality and operates within restricted project paths.
    • Ingestion points: REVIEW.md and feature-local learning records.
    • Boundary markers: Absent; the agent is instructed to process content directly.
    • Capability inventory: Writes to .beads/learnings/ and specific shared state fields; uses beads-cli for provenance.
    • Sanitization: No explicit sanitization of ingested text is performed.
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 04:07 AM