health
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill functions as a local diagnostic utility to audit agent configurations, project structure, and maintainability metrics.
- [DATA_EXPOSURE]: The skill accesses local configuration files (e.g.,
settings.local.json,CLAUDE.md) and conversation history (.jsonllogs) to perform its health check. This access is necessary for the audit and stays within the local environment. - [SAFE]: The data collection script
check-agent-context.shcontains explicit redaction logic (usingSENSITIVE_RE) to ensure that API keys, tokens, and secrets found in configurations are replaced with[REDACTED]before being processed by the agent. - [PROMPT_INJECTION]: The skill mitigates indirect prompt injection by providing explicit instructions to its sub-agents (
inspector-context.md) to treat project data as untrusted input and to ignore any instructions embedded within the analyzed content. - [EXTERNAL_DOWNLOADS]: The skill includes instructions and logic to resolve its own installation path using the author's repository (
tw93/Waza), which is consistent with the vendor's identity and does not pose a security risk.
Audit Metadata