context-driven-development
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, prompt injections, or unauthorized data access attempts were detected. The skill provides a structured methodology for maintaining project documentation such as product goals, technical stacks, and workflows.
- [DATA_EXFILTRATION]: While the skill involves the creation and maintenance of project-sensitive files (e.g.,
tech-stack.md,product.md), these are intended for internal project alignment and local development. No network operations or commands to send this data externally are present. - [COMMAND_EXECUTION]: The skill mentions a platform-specific command
/conductor:setupused to initialize the project structure. This command is part of the intended environment's functionality and does not represent arbitrary or malicious shell execution. - [PROMPT_INJECTION]: The instructions focus on standard development tasks (clarifying goals, applying best practices). There are no attempts to override system safety guidelines or manipulate agent behavior through injection techniques.
Audit Metadata