sdlc-agents-select
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to perform directory existence checks within the target repository to locate Architecture Decision Records (ADRs). These checks are necessary for the skill's primary configuration purpose and are scoped to the provided repository path variable.- [DATA_EXPOSURE]: The skill reads an existing .sdlc-agents/selection.yaml file if present to merge user preferences. This data access is restricted to the skill's own configuration files within the target project and does not involve sensitive system or credential files.- [INDIRECT_PROMPT_INJECTION]: The skill exhibits an ingestion surface by reading existing configuration files from the target repository. While a malicious repository could contain unexpected data, the impact is limited to the internal configuration of the agents, and the skill encourages user confirmation before overwriting data. (Ingestion points: .sdlc-agents/selection.yaml; Boundary markers: None; Capability inventory: File read and write via agent tools; Sanitization: None).- [CREDENTIALS_UNSAFE]: The skill contains a hardcoded AWS account ID within a YAML template. However, it uses the standard AWS documentation example ID (123456789012) as a placeholder for user replacement, posing no security risk.
Audit Metadata