bms
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill primarily serves as a router to other documentation and guidelines within the bmsuisse ecosystem.
- [COMMAND_EXECUTION]: The skill executes a local Python script (
load_skills.py) usinguv run. This script is part of the skill's own package and performs benign file read operations to concatenate documentation. It does not take untrusted user input for command-line arguments beyond a fixed set of mode strings ('base', 'sql', 'python', 'data'). - [DATA_EXPOSURE]: The script reads files from the local filesystem, but access is restricted to the
SKILL.mdfiles within the knownSKILLS_ROOTdirectory. No sensitive files (e.g., credentials, SSH keys) are accessed or exposed. - [PROMPT_INJECTION]: The 'caveman mode' instructions are standard behavioral guidelines and do not attempt to bypass safety filters or override core agent instructions. The instructions to 'Apply all loaded skills in full' are typical for multi-skill orchestration.
- [EXTERNAL_DOWNLOADS]: No external URLs or remote code downloads were found. All dependencies are local to the repository.
Audit Metadata