implement
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTIONREMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool and a helper script (worktree-setup.sh) to manage git branches and worktrees, and to execute development commands like
npm install,poetry run, and various test runners. These operations are essential for the implementation workflow. - [EXTERNAL_DOWNLOADS]: Fetches development packages and tools from official registries such as npm and PyPI. These actions are documented as part of the setup and verification phases for the features being implemented.
- [REMOTE_CODE_EXECUTION]: Generates source code and test suites based on user requirements and executes them to verify functionality. This is the core purpose of the skill and is constrained to the user's project environment.
- [PROMPT_INJECTION]: Ingests untrusted user data via the feature description argument, which is interpolated into subagent prompts (e.g., in Phase 4 and 5 templates). While this creates a surface for indirect prompt injection (Category 8), the risk is mitigated by the structured multi-phase workflow and the presence of a dedicated code-quality-reviewer agent.
Audit Metadata