skill-developer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The documentation files do not contain executable code, malicious instructions, or data exfiltration patterns. All described behaviors are consistent with the framework's stated goal of providing contextual guardrails.
- [COMMAND_EXECUTION] (LOW): The documentation details how the system executes local scripts via 'npx tsx'. This is an architectural feature of the hook system and does not involve untrusted remote code execution.
- [PROMPT_INJECTION] (LOW): The framework's core function is to inject additional context or 'suggestions' into the agent's prompt. This is a controlled behavior designed to aid the agent's performance rather than a malicious bypass of safety protocols.
Audit Metadata