role-x
Pass
Audited by Gen Agent Trust Hub on Jun 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill and its associated scripts do not exhibit any malicious patterns, obfuscation, or unauthorized data exfiltration. All operations are consistent with the skill's stated purpose of providing reflexive prompt contextualization.
- [COMMAND_EXECUTION]: The Python utility
scripts/role-x.pyutilizessubprocess.runto execute localgitcommands for environment discovery, such as identifying the current branch and modified files. These operations are restricted to informational Git queries and use fixed command arguments, posing no risk of shell injection. - [PROMPT_INJECTION]: The skill ingests data from user prompts and workspace files (lenses and knowledge entities) to construct agent instructions. The implementation includes significant security measures to sanitize this data, including collapsing multiline inputs, filtering non-printable and control characters, and enforcing length limits, effectively preventing context breakout or malicious instruction injection.
Audit Metadata