build-mvp
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill processes project-specific documentation as input for implementation tasks. While this constitutes an indirect prompt injection surface, it is consistent with the primary purpose of a build agent.
- Ingestion points: docs/product-roadmap.md, docs/prd.md, docs/design.md, docs/product-vision.md.
- Boundary markers: None specified.
- Capability inventory: File system modifications, execution of build/test commands, and git operations.
- Sanitization: Instructions emphasize surgical changes following existing project guidelines.
- [SAFE]: External references are limited to the vendor's official resources (BuilderOS/BuildGreatProducts) which are verified as safe.
- [SAFE]: Secret management practices are secure, with explicit instructions to ignore sensitive files like .env in version control via .gitignore.
- [SAFE]: Network operations, specifically connecting to a remote repository and pushing code, are strictly conditional upon explicit user approval.
Audit Metadata