core-workflow
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides standard shell commands for managing a development lifecycle, including Git synchronization (fetch, merge, add, commit, push) and NPM script execution (test, build, dev, type-check).
- [COMMAND_EXECUTION]: Includes a process management utility command (`lsof -ti:PORT | xargs kill`) used to clean up local development servers after verification steps.
- [SAFE]: Implements a defensive check that verifies the Git remote URL contains the author's username (travisjneuman) before permitting automated code pushes, serving as a safeguard against accidental updates to external repositories.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection, as it is designed to ingest and act upon data from project planning files.
  - Ingestion points: File paths such as `.planning/PROJECT.md`, `tasks/*.md`, `ROADMAP.md`, and phase-specific plans.
  - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are specified for these files.
  - Capability inventory: Automated Git commits/pushes, NPM script execution, and process termination.
  - Sanitization: No specific validation or escaping mechanisms are mentioned for the content of the processed planning files.
Audit Metadata