sw/multi-project

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: No prompt injection patterns, override instructions, or jailbreak attempts were found in the skill content.
  • [DATA_EXFILTRATION]: No sensitive file access (such as .ssh, .aws, or credentials) was detected. The skill interacts with project metadata and configuration files specific to its purpose (.specweave/config.json, tasks.md).
  • [REMOTE_CODE_EXECUTION]: No remote code execution patterns, such as piping external scripts to shells, were found. The skill demonstrates usage of standard command-line tools like 'gh' (GitHub CLI) and 'sw-jira' within expected workflows.
  • [OBFUSCATION]: No obfuscated text, encoded commands, zero-width characters, or hidden URLs were identified.
  • [COMMAND_EXECUTION]: Command execution is limited to documented project management operations (creating issues, syncing tasks) using official or related internal tools.
  • [CREDENTIALS_UNSAFE]: No hardcoded API keys, tokens, or secrets were found. The skill configuration examples use appropriate placeholders or refer to standard configuration files.
  • [INDIRECT_PROMPT_INJECTION]: While the skill processes project-specific data like 'tasks.md', it operates within a standard development context using local configuration files. There are no high-risk capability chains that would allow external data to compromise agent security.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 02:33 PM
Security Audit — agent-trust-hub — sw/multi-project