repo-bible
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a robust framework for project strategy and requirements management without introducing security risks.
- [COMMAND_EXECUTION]: The Python script `scripts/repo_bible.py` uses the `subprocess` module to execute `git` commands (`git branch`, `git status`). These calls use a list of arguments and do not enable shell execution (`shell=False`), which is a safe way to interact with the environment.
- [DATA_EXPOSURE]: The skill performs repository 'inventory' and 'claim scans', which involve reading local files (markdown, source code). This data is used to generate reports locally in the `.church/bible/` directory or displayed to the user via stdout. There are no network operations or exfiltration patterns detected.
- [DYNAMIC_EXECUTION]: The skill generates local HTML files (`vision-intake.html` and rendered documentation) that include standard CSS and JavaScript for local interactivity (e.g., saving data to `localStorage` or downloading generated files as Blobs). The generated code does not include any external tracking or remote communication logic.
Audit Metadata