recover
Pass
Audited by Gen Agent Trust Hub on May 23, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill operates entirely within the local project environment, reading state files and using standard development tools for status reporting. No exfiltration or malicious behaviors were detected.
- [COMMAND_EXECUTION]: The skill performs shell execution to gather context from git and local utilities (ao, bd, gt). These commands are limited to state introspection and do not involve remote code execution or credential access.
- [PROMPT_INJECTION]: The skill ingests data from local state files which creates a surface for indirect prompt injection, though the risk is low as these files are internal to the agent environment.
- Ingestion points: .agents/rpi/phased-state.json and .agents/evolve/cycle-history.jsonl in SKILL.md.
- Boundary markers: Absent.
- Capability inventory: Shell execution of cat, tail, and CLI tools in SKILL.md.
- Sanitization: Absent.
Audit Metadata