coding-conventions
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to interact with local project scripts for inventory management and build processes. Specific examples include
manage_tool_inventory.pyandrebuild-all.ps1. These appear to be internal utility scripts consistent with the project's stated modernization and tool-tracking purpose. - [EXTERNAL_DOWNLOADS]: The documentation references standard package management workflows using NPM, Pip, and NuGet. It specifically points to well-known technology registries and official BC Government design system packages (e.g.,
@bcgov/design-system-react-components), which are treated as trusted sources. - [PROMPT_INJECTION]: The skill involves processing legacy Oracle Forms data (XML and Markdown) through various 'miner' tools. This creates an indirect prompt injection surface.
- Ingestion points: XML/Markdown source files of legacy forms referenced in
context-spiral-protocol.md. - Boundary markers: None explicitly defined in the provided documentation to isolate untrusted data from instructions.
- Capability inventory: The skill uses
ReadandWritetools and references shell-based workflow shims (spec-kitty) and custom analysis scripts. - Sanitization: Not explicitly detailed in the provided documentation for external content processing.
Audit Metadata