brownfield-fix
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a vendor-provided CLI tool,
wednesday-skills, to perform risk assessment and dependency mapping. The execution is limited to subcommands (score,blast,fill-gaps) necessary for the skill's primary function of brownfield project management. - [DATA_EXFILTRATION]: No evidence of sensitive data harvesting or external network operations. The skill accesses local project metadata files located in the
.wednesday/codebase/directory, which is a standard pattern for developer tooling. - [PROMPT_INJECTION]: No prompt injection or behavior override patterns detected. The instructions include safety constraints that require explicit developer approval for high-risk modifications, reinforcing proper agent-user boundaries.
Audit Metadata