ccg-workflow
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
Bashtool to coordinate external CLI utilities (codeagent-wrapper,codex,gemini) for specialized analysis and code review tasks. - [DATA_EXFILTRATION]: As part of its core functionality, the skill reads project source code and configuration to provide context to external AI model backends (Codex and Gemini) for implementation advice and verification.
- [EXTERNAL_DOWNLOADS]: The documentation references external technology providers and GitHub repositories (including
github.com/fengshao1227/ccg-workflow) as prerequisites for the orchestration engine. - [SAFE]: Security guardrails are explicitly implemented, including a 'Coordinator-only' write policy, user-approval gates for implementation plans, and scoring filters to reduce low-signal or incorrect model outputs.
Audit Metadata