implement
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill evaluates untrusted task documents and includes a 'Scan for Dangerous Operations' phase to mitigate potential indirect prompt injection risks.
  - Ingestion points: docs/task/*.md, TASKS.md, and LEARNINGS.md (SKILL.md).
  - Boundary markers: Implements structured processing logic and dedicated keyword scanning for destructive or sensitive content.
  - Capability inventory: File read/write/edit, version control (git), package management (npm), and subagent orchestration via the Task tool (SKILL.md).
  - Sanitization: Step 4 defines a scanning process that blocks or requires manual approval for keywords like sudo, rm, DROP, and API_KEY to prevent unauthorized actions (SKILL.md).
- [COMMAND_EXECUTION]: Shell operations are restricted to standard development workflows (git and npm). The skill includes a mandatory 'MULTI-TASK PERMISSION CHECK' (Step 5) that provides transparency into background agent capabilities and requires explicit user confirmation before execution.
- [EXTERNAL_DOWNLOADS]: Provides links to official best-practice guidelines from well-known technology organizations (Vercel and Supabase) and utilizes standard package managers for dependency installation.
Audit Metadata