bmad-auto
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The orchestrator and its delegated sub-agents perform extensive shell command execution to build, test, and lint software. This includes project initialization, running package managers (npm, pip, cargo, go), executing test suites (pytest, jest, playwright), and managing infrastructure via docker-compose. These operations are the primary function of the skill.
- [EXTERNAL_DOWNLOADS]: The skill references and utilizes numerous external Docker images and tools for validation and testing. These include official images from HashiCorp, PlatformIO, Vercel Labs, and language-specific environments (Python, Node.js, Go, Rust). It also suggests installing browser automation tools and security scanners (gitleaks, trufflehog, semgrep) to enhance project quality.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it ingests and processes user-provided documentation, PRDs, and tech-specs. To mitigate risk, it uses a structured delegation system and explicitly restricts sub-agents from making git commits directly, ensuring the orchestrator maintains control over changes.
Audit Metadata