onboarding
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute standard development commands, including
make build,go test ./..., and subcommands of the local binary./bin/mq. These actions are necessary for the primary purpose of verifying the local build environment. - [DATA_EXFILTRATION]: The skill references absolute local file paths such as
/Users/devrel/Projects/recallnet/mainline/README.md. While this exposes internal directory naming conventions (revealing the 'devrel' user), it does not involve the transfer of sensitive data to external entities. - [PROMPT_INJECTION]: The skill provides an indirect prompt injection surface by reading and summarizing several local documentation files (README.md, install.md, FLOWS.md, SPEC.md, PLAN.md, AGENTS.md, and CONTRIBUTING.md). Evidence Chain: 1. Ingestion points: Documentation files specified in the 'Read first' section of SKILL.md. 2. Boundary markers: None present. 3. Capability inventory: Shell command execution via make, go, and the project binary. 4. Sanitization: None present. This is a common pattern for documentation-heavy onboarding skills.
Audit Metadata