check-alignment
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is restricted to read-only operations on the local codebase and specified documentation paths like /specs. It does not perform any network requests or external data transfers.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to scanning untrusted implementation files and documentation.
  - Ingestion points: Scans all .md files in /specs/ and source files in directories like src/, lib/, and app/.
  - Boundary markers: The skill does not define specific delimiters to separate spec content from its own instructions.
  - Capability inventory: Analysis is limited to status reporting and suggesting user-invocable commands; it has no file-write or subprocess execution capabilities.
  - Sanitization: No sanitization is performed on the ingested text.

  This surface is inherent to its auditing purpose and is considered safe given the lack of dangerous execution sinks.
Audit Metadata