sw/multi-project
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No prompt injection patterns, override instructions, or jailbreak attempts were found in the skill content.
- [DATA_EXFILTRATION]: No sensitive file access (such as .ssh, .aws, or credentials) was detected. The skill interacts with project metadata and configuration files specific to its purpose (.specweave/config.json, tasks.md).
- [REMOTE_CODE_EXECUTION]: No remote code execution patterns, such as piping external scripts to shells, were found. The skill demonstrates usage of standard command-line tools like 'gh' (GitHub CLI) and 'sw-jira' within expected workflows.
- [OBFUSCATION]: No obfuscated text, encoded commands, zero-width characters, or hidden URLs were identified.
- [COMMAND_EXECUTION]: Command execution is limited to documented project management operations (creating issues, syncing tasks) using official or related internal tools.
- [CREDENTIALS_UNSAFE]: No hardcoded API keys, tokens, or secrets were found. The skill configuration examples use appropriate placeholders or refer to standard configuration files.
- [INDIRECT_PROMPT_INJECTION]: While the skill processes project-specific data like 'tasks.md', it operates within a standard development context using local configuration files. There are no high-risk capability chains that would allow external data to compromise agent security.
Audit Metadata