frontend-decision-sync
Pass
Audited by Gen Agent Trust Hub on Jun 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data exfiltration techniques were detected in the skill instructions. The skill's behavior is consistent with its stated purpose of managing project documentation.
- [PROMPT_INJECTION]: The skill is designed to read code diffs and write to instruction files like
AGENTS.md. While this creates a surface for indirect prompt injection (where malicious content in code could be propagated to agent instructions), the skill mitigates this through structured gates (Gate 1 and Gate 4) that require evidence-based extraction and consistency verification. - [COMMAND_EXECUTION]: No shell commands, external script executions, or dynamic context injections (
!command) were found in the provided files.
Audit Metadata