fusion-rules
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill identifies ingestion points where it reads project files such as README, CONTRIBUTING, and CI configs across all agent files. Boundary markers are implemented as requirements to show diffs and drafts to the user. The capability inventory includes writing configuration files to the repository. Sanitization is achieved through mandatory human-in-the-loop approval before any file writes occur.
- [SAFE]: The skill serves as an orchestrator that routes user intent to specialized agents for GitHub Copilot, Cursor, and Claude Code rule authoring.
- [COMMAND_EXECUTION]: The agents are authorized to create and update rule files in dedicated directories (e.g., .github/instructions, .cursor/rules). These actions are explicitly gated by instructions to never overwrite files without user permission.
- [EXTERNAL_DOWNLOADS]: Remote links in the changelog documentation refer to the vendor's own GitHub repositories, which are trusted sources for project history and commit tracking.
Audit Metadata