geo-fix
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a robust human-in-the-loop security model for all code modifications. It mandates a diff+confirm workflow and uses 'AskUserQuestion' to collect and validate sensitive data such as identity URLs.
- [SAFE]: Explicit safety rules prevent the agent from fabricating content, guessing user intent, or performing 'cloaking' (serving different content to bots than humans), which aligns with industry best practices for bot transparency.
- [SAFE]: The skill includes a
--dry-runflag that allows the agent to process the audit findings and display proposed changes in the terminal without performing any write operations to the disk. - [SAFE]: Although the skill identifies an attack surface for indirect prompt injection by processing an external audit report (
/geo-audit/latest.md), the risk is effectively mitigated. - Ingestion points: The agent reads findings from
docs/geo-audit/latest.mdand project source files. - Boundary markers: Instructions do not specify explicit data delimiters, but the 'Safe-auto' vs 'Intent-requiring' classification system acts as a logic-based boundary.
- Capability inventory: The skill has file-write capabilities across the project directory (including
robots.txtand framework-specific source files). - Sanitization: All modifications require batch or individual user confirmation via a diff preview, ensuring the user remains the final authority on code changes.
Audit Metadata