sprint-status
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Read-only execution scope. The skill is strictly limited to information retrieval using the 'Read', 'Glob', and 'Grep' tools. It explicitly disclaims any ability to write files or propose system changes, minimizing the risk of unauthorized data modification.
- [SAFE]: No network or remote activity. Analysis of the instructions confirms there are no external network calls or attempts to download and execute remote scripts or packages.
- [SAFE]: Tool restriction. The skill adheres to the principle of least privilege by using only essential tools for static file analysis, which prevents arbitrary command execution.
- [SAFE]: Indirect Prompt Injection Surface. The skill ingests data from external files to generate reports.
  1. Ingestion points: production/sprints/ directory and referenced story files.
  2. Boundary markers: None explicitly defined.
  3. Capability inventory: Read, Glob, Grep; no write, network, or execution capabilities.
  4. Sanitization: None identified.

  Risk is assessed as safe due to the restricted toolset and read-only instructions.