Skills
skills/sethgammon/citadel/setup/Gen Agent Trust Hub

setup

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes multiple local Node.js scripts and system commands to perform project initialization.
  • Evidence: Executes node {citadel-root}/scripts/install-hooks.js to modify the agent's environment settings.
  • Evidence: Runs node {citadelRoot}/scripts/bootstrap-project-guidance.js to seed project documentation.
  • Evidence: Utilizes git diff and find commands to identify recently modified files for a live demo.
  • [COMMAND_EXECUTION]: The skill explicitly uses node -e to programmatically write to .claude/harness.json.
  • Evidence: The instructions state that using node -e via Bash is intended to bypass standard 'Write tool' blocks, as harness.json is a protected file that only the setup process is authorized to modify.
  • [SAFE]: The high-capability actions identified (modifying settings, installing hooks, and bypassing file protections) are restricted to the local environment and are directly aligned with the stated purpose of configuring the Citadel harness by the author SethGammon.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 10:50 AM