automate-me
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use standard Git commands (
git log,git worktree) to manage the lifecycle of user-mode skill files and versioning. These are standard developer operations for local file management. - [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from
agent-transcripts/to identify user patterns. - Ingestion points: Reads existing agent chat histories from the workspace-scoped
agent-transcripts/directory. - Boundary markers: Explicitly restricts scanning to the current workspace path to prevent cross-project data access, although it lacks specific delimiters for the mined content.
- Capability inventory: Performs file writing via the built-in
create-skilltool and executes version control operations. - Sanitization: No specific sanitization or filtering of the transcript content is performed during the pattern extraction phase.
- [SAFE]: The operations performed by the skill are local, transparently described, and include explicit instructions to prevent data leakage across different project workspaces. The external skill references (poteto-mode, unslop, create-skill) are treated as trusted platform-specific resources.
Audit Metadata