gcc
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a local shell script (scripts/gcc_init.sh) to initialize the .GCC/ directory structure. This script performs standard file system operations like creating directories and writing initial markdown/YAML files. It contains no network operations or privilege escalation attempts.
- [DATA_EXPOSURE]: The skill manages project context by reading and writing files under the .GCC/ directory in the project root. This data is used to maintain agent memory across sessions. The skill does not attempt to access sensitive system files (e.g., SSH keys, AWS credentials) or environment variables outside the project scope.
- [INDIRECT_PROMPT_INJECTION]: As a context management tool, the skill naturally ingests information about the project (file names, summaries of work, technical contributions) and stores them in structured logs. While this creates a surface for indirect prompt injection if the project being worked on contains malicious data, the skill implements no high-risk capabilities (like remote code execution or system modification) that would make such an injection exploitable. This behavior is consistent with the primary purpose of managing agent memory.
  - Ingestion points: SKILL.md instructions for reading .GCC/main.md, commit.md, log.md, and metadata.yaml.
  - Boundary markers: None explicitly defined in the memory files themselves.
  - Capability inventory: Local file-write operations and execution of the included initialization script.
  - Sanitization: None detected; the skill relies on the agent's internal safety filters when processing project context.
Audit Metadata