track-management
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill establishes standard operating procedures for project management tasks such as tracking features and bugs.
- [SAFE]: There are no detected network operations, credential harvesting, or unauthorized file access patterns.
- [SAFE]: Commands mentioned in the instructions, such as
/conductor:new-track, are internal workflow tools and do not involve remote code execution or privilege escalation. - [PROMPT_INJECTION]: The skill facilitates the creation of documentation based on user input, which constitutes a surface for indirect prompt injection. However, this is a standard operational risk for interactive agents and does not indicate malicious intent within the skill content itself.
- Ingestion points: User-provided requirements gathered through interactive Q&A sessions (SKILL.md).
- Boundary markers: None explicitly defined to separate user input from system instructions.
- Capability inventory: Local file-write operations for documentation (spec.md, plan.md, etc.) and execution of internal track management tools.
- Sanitization: No specific sanitization or validation logic is defined for the requirements input.
Audit Metadata