define

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes standard git commands (git log, git diff, git rev-parse) to analyze the current repository state and seed the manifest with work-in-progress or recent changes.
  • [DATA_EXFILTRATION]: The skill reads local manifest files from the /tmp directory and the .manifest/ directory to manage session state and support amendments to previous plans.
  • [PROMPT_INJECTION]: The skill processes untrusted input from git commit messages, repository diffs, and previously generated manifests. While no malicious patterns were identified in the static content, this ingestion of external data presents a surface for Indirect Prompt Injection (Category 8).
  • [SAFE]: The extensive research references provided in the tasks/references/research/ directory are high-quality technical syntheses of established academic and industry methodologies. Although future-dated (e.g., February 2026), these documents serve as grounded procedural guidance for the agent's research and planning tasks.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 07:37 AM
Security Audit — agent-trust-hub — define