meticulous-iterative-dev

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a standard developer workflow for visual regression testing using first-party vendor tools.
  • [COMMAND_EXECUTION]: The skill uses local shell commands including meticulous and git to manage the development loop. These operations are aligned with the skill's primary purpose of code modification and testing.
  • [CREDENTIALS_UNSAFE]: References standard configuration paths for the Meticulous API token (~/.meticulous/config.json) and environment variable (METICULOUS_API_TOKEN). This is documented for setup purposes and does not attempt to read or exfiltrate the secret.
  • [PROMPT_INJECTION]: Analyzes the potential for indirect prompt injection via tool outputs.
  • Ingestion points: CLI output from meticulous local relevant-sessions and simulation results in SKILL.md.
  • Boundary markers: None present.
  • Capability inventory: File system modifications via git commit and meticulous CLI operations in SKILL.md.
  • Sanitization: None specified.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 01:39 PM
Security Audit — agent-trust-hub — meticulous-iterative-dev