twg-context-discovery

Pass

Audited by Gen Agent Trust Hub on Jun 25, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill makes extensive use of the twg CLI tool to perform context resolution, relationship mapping, and visualization (e.g., twg visualize, twg responsibility get, and twg responsibility infer). These commands are used as intended for data discovery and are consistent with the skill's stated purpose.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it is designed to ingest and process untrusted external data.
  • Ingestion points: SKILL.md (Evidence Policy)
  • The skill fetches 'fields, owner, status, body, comments, and URLs' from various entities and parses 'linked target bodies' from third-party URLs.
  • Boundary markers: Absent; there are no instructions to wrap external content in delimiters or ignore instructions found within comments or descriptions.
  • Capability inventory: The agent can execute a variety of twg subcommands to query the graph, manage responsibility roles, and pipe data to visualization tools.
  • Sanitization: Absent; the skill does not specify any validation or sanitization of the fetched metadata or body content before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 25, 2026, 02:06 AM
Security Audit — agent-trust-hub — twg-context-discovery