verification-before-completion
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The skill utilizes strong, imperative language (e.g., 'The Iron Law', 'non-negotiable') to enforce operational rigor. This is interpreted as workflow instruction rather than an attempt to bypass safety filters or extract system prompts.
- [Command Execution] (SAFE): The skill provides templates for common, benign development commands such as
npm test,bun run build, andtsc --noEmit. These commands are standard for software development and are not used here for malicious purposes or privilege escalation. - [Indirect Prompt Injection] (LOW): The skill requires the agent to read and analyze command outputs (e.g., test logs). While this involves processing untrusted external data, the instructions are specifically constrained to verifying success/failure status, minimizing the risk of executing instructions embedded in log output.
Audit Metadata