ai-assisted-development
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns detected across the analyzed files. The skill is documentation-centric, focusing on development strategies and orchestration logic.
- [PROMPT_INJECTION]: The skill describes an inherent surface for indirect prompt injection in its multi-agent orchestration patterns (e.g., in
SKILL.mdandreferences/ai-patterns.md), where agents process external data like requirements or curriculum files. However, this is documented as a standard architectural feature, and the skill actively encourages mitigation through its 'Human-in-the-Loop' pattern and automated quality gates. - [COMMAND_EXECUTION]: The documentation in
references/orchestration-strategies.mdsuggests using standard development tools (e.g.,phpcs,phpstan,phpunit) for quality validation. These are described as user-implemented checks and do not represent unauthorized or hidden command execution by the skill itself. - [EXTERNAL_DOWNLOADS]: While the skill mentions an external 'Superpowers' plugin and provides example API URLs for documentation purposes (e.g.,
https://api.external.com/openapi.json), it does not contain code to perform unauthorized downloads or execute remote scripts.
Audit Metadata