bugfix-workflow
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill primarily consists of Markdown templates (
bugfix-template.md,design-template.md) and archived bug reports. These files provide a structured methodology for engineers but do not contain executable logic that could compromise a system. - [EXTERNAL_DOWNLOADS]: An archived example file (
index-processed.html) references external assets such as Tailwind CSS, ECharts, and FontAwesome fromcdn.letsmagic.cn. These are used for rendering visual data reports and appear to be legitimate resources associated with the author's platform. - [COMMAND_EXECUTION]: The skill does not define any automated tools or executable scripts. It relies on a manual documentation process and does not interact with the host operating system's shell.
- [DATA_EXFILTRATION]: The archived HTML files include communication logic using the browser's
window.postMessageAPI. This is a standard mechanism for iframe-based editor environments to communicate with a parent window and does not represent an unauthorized data exfiltration risk. - [NO_CODE]: The skill is entirely declarative and instructional. It contains no implementation code (Python or Node.js) that would be executed by the agent's runtime environment.
Audit Metadata