skills/akillness/jeo-skills/deep-dive/Gen Agent Trust Hub

deep-dive

Pass

Audited by Gen Agent Trust Hub on Jun 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes a local Python script (scripts/validate_deep_dive_artifacts.py) to validate that generated markdown artifacts (traces and specifications) conform to the required headings and path structures. This execution is limited to a bundled script performing static analysis on local files.
  • [PROMPT_INJECTION]: To mitigate risks associated with processing codebase content and user-provided ideas, the skill implements a '3-point injection' guard. It wraps all trace-derived data in <trace-context> delimiters and provides explicit instructions to the agent to treat this content as data only, preventing it from being interpreted as control directives.
  • [SAFE]: Data persistence and configuration access (e.g., ~/.claude/settings.json, .omc/state/) are handled using standard patterns for agent state management. These operations are confined to task-specific requirements and do not involve unauthorized network transmission or access to sensitive user credentials.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 27, 2026, 04:58 AM
Security Audit — agent-trust-hub — deep-dive