postmortem
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary purpose is to provide a template and process for documenting 'Lessons Learned' after incidents or mistakes. Its activities are confined to structured data collection and local documentation updates.
- [DATA_EXPOSURE]: The skill uses tools like
Read,Write,Edit,Glob, andGrepto manage incident logs inlog/incidents/and update project documentation such asMEMORY.mdandCLAUDE.md. There is no evidence of sensitive data exposure or exfiltration to external systems. - [REMOTE_CODE_EXECUTION]: No external packages, remote scripts, or network-based execution patterns were detected. The skill operates entirely on the local environment using the agent's built-in file manipulation tools.
- [INDIRECT_PROMPT_INJECTION]: While the skill processes user-provided descriptions of incidents (untrusted data) to update documentation or rules (Phase 6), this behavior is the core intended functionality for self-correction. The risk is minimal as it targets structured documentation updates within the local project context.
Audit Metadata