hindsight-architect
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The preamble script executes standard shell commands including git, grep, and basename to identify the project environment and existing Hindsight configurations to tailor its advice.
- [COMMAND_EXECUTION]: The script searches for and executes a local binary (hindsight-update-check) within skill-specific installation paths (~/.claude/skills, etc.) to determine version status.
- [EXTERNAL_DOWNLOADS]: The skill recommends installing official Hindsight SDKs from PyPI (hindsight-client, hindsight-all) and NPM (@vectorize-io/hindsight-client), which are verified vendor resources for the Hindsight product.
- [DATA_EXPOSURE]: The script inspects local .env and ~/.hindsight/config files to detect existing configuration keys; it does not extract or exfiltrate the sensitive content, only identifying the deployment state.
Audit Metadata