flow-patch
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The static detector identified an instruction to hide internal self-review checklists from the user. A manual review confirms this is a benign UI/UX guideline intended to prevent the agent from cluttering the conversation with its internal logic worksheets. It does not attempt to conceal malicious actions or bypass safety protocols.
- [SAFE]: The skill implements a 'Micro-spec gate' and a 'Session and workspace gate.' These are blocking user confirmation steps that require explicit approval before the agent can write code, switch branches, or modify the local file system.
- [SAFE]: The skill defines a dual-review process for all code changes, requiring both 'spec compliance' and 'correctness' reviews before tasks are marked complete. This provides a multi-layered verification system for code integrity.
- [SAFE]: All operations are restricted to the local repository environment using standard development tools like Git. There are no external network requests, remote script executions, or attempts to access sensitive system files.
Audit Metadata