compound
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues, obfuscation, or malicious patterns were detected. The skill focuses on structured logging of development experience.
- [COMMAND_EXECUTION]: The skill utilizes
git diffto analyze code changes. This is a standard local operation appropriate for a development-focused agent. - [DATA_EXPOSURE]: The skill reads internal project state files from the
.ai_state/directory and git history. These operations are conducted locally, and no network exfiltration or credential harvesting patterns are present. - [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted input from
git diffand sprint reports. - Ingestion points: Reads
git diff,.ai_state/reviews/sprint-N.md,.ai_state/tasks.md, and.ai_state/design.md. - Boundary markers: The instructions enforce a strict structured output format for the
lessons.mdfile, though specific delimiters for the input data are not explicitly defined in the prompt text. - Capability inventory: Limited to local file read/append and
git diffexecution; no network access or arbitrary code execution tools are requested or used. - Sanitization: The skill uses a distillation method that focuses on specific categories (Pattern, Pitfall, Constraint), which naturally filters and summarizes the input rather than reflecting it raw.
Audit Metadata