dex-improve
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill uses clear, instructional language to guide the agent through its processes. There are no attempts to bypass safety filters, extract system prompts, or override core agent behavior.
- [DATA_EXFILTRATION]: File access is restricted to specific project directories (e.g., '.claude/', 'System/', 'plans/'). The skill includes an analytics feature that uses a 'track_event' tool, which is documented as being contingent on user opt-in. No unauthorized data transfers or credential harvesting patterns were found.
- [EXTERNAL_DOWNLOADS]: The skill uses web search capabilities specifically to fetch changelogs and official documentation from trusted sources like Anthropic. It does not download or execute untrusted scripts or packages.
- [COMMAND_EXECUTION]: The skill's primary function is to generate planning documents and provide recommendations. It does not perform arbitrary shell command execution or attempt to escalate system privileges.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests user-provided ideas ($IDEA) as the primary input for its workshopping mode. While this is an entry point for external data, the skill's logic involves a structured refinement process rather than direct execution of the input, maintaining a low-risk profile.
Audit Metadata