twg-context-discovery
Pass
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill makes extensive use of the
twgCLI tool to perform context resolution, relationship mapping, and visualization (e.g.,twg visualize,twg responsibility get, andtwg responsibility infer). These commands are used as intended for data discovery and are consistent with the skill's stated purpose. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it is designed to ingest and process untrusted external data.
- Ingestion points:
SKILL.md(Evidence Policy) - The skill fetches 'fields, owner, status, body, comments, and URLs' from various entities and parses 'linked target bodies' from third-party URLs.
- Boundary markers: Absent; there are no instructions to wrap external content in delimiters or ignore instructions found within comments or descriptions.
- Capability inventory: The agent can execute a variety of
twgsubcommands to query the graph, manage responsibility roles, and pipe data to visualization tools. - Sanitization: Absent; the skill does not specify any validation or sanitization of the fetched metadata or body content before processing.
Audit Metadata