verification-before-completion
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill provides instructions for the agent to use standard development tools (bun, npm, npx) to verify code quality. No malicious patterns, exfiltration, or unauthorized access were detected.
- [COMMAND_EXECUTION]: The skill explicitly instructs the agent to run development commands like 'bun test' and 'npm run build' to confirm work status. These commands are typical for development environments and are used here within their intended purpose.
- [PROMPT_INJECTION]: The skill creates an ingestion surface for potentially untrusted data by instructing the agent to examine VCS diffs and external agent reports.
- Ingestion points: VCS diffs and success reports from other agents (referenced in SKILL.md).
- Boundary markers: No specific delimiters or 'ignore' instructions are defined in the skill for isolating this external data.
- Capability inventory: The agent is authorized to execute shell commands for verification.
- Sanitization: No evidence of sanitization or validation of the ingested external content is present in the instructions.
Audit Metadata