proactive-audit
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: Uses git, grep, node, and pnpm to audit framework artifacts and project structure for consistency and syntax errors.
- [COMMAND_EXECUTION]: Implements a project cleanup mechanism that identifies and deletes or moves temporary files like debug logs or dump files from the root directory.
- [EXTERNAL_DOWNLOADS]: References local package manager commands (pnpm) for skill validation, which depends on the pre-existing project environment.
- [PROMPT_INJECTION]: Processes framework artifacts (hooks, agents, and schemas) as input, presenting an indirect prompt injection surface; however, the skill's logic is constrained to validation and reporting.
- [DATA_EXFILTRATION]: Accesses project configuration and framework files for the purpose of validation, but includes no mechanisms for data transmission to external domains.
Audit Metadata