twg-status-rollups
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of instructional templates and workflow guidance for generating work summaries. No malicious obfuscation, persistence mechanisms, or unauthorized data exfiltration patterns were detected.
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and summarize content from external sources such as Jira, pull requests, and documentation, which could potentially contain malicious instructions.
- Ingestion points: Work activity, pull requests, documents, and comments fetched via the
twgtool (referenced inSKILL.mdandreferences/personal-work-summary.md). - Boundary markers: The instructions do not define specific delimiters or "ignore" markers for the ingested content.
- Capability inventory: The skill uses the
twgCLI tool to query project status, work items, and PR metadata. - Sanitization: No explicit sanitization or filtering steps are defined for the external data before it is processed by the agent.
- [COMMAND_EXECUTION]: The skill provides templates for using the
twgcommand-line tool. It includes safety-oriented instructions, such as advising the agent to use only flags advertised by the tool's help contracts and warning against using scalar shell variables that might lead to argument loss or misinterpretation.
Audit Metadata