woostack-fix

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes shell commands to manage development environments, specifically through git worktree operations and internal utility scripts (e.g., bash <wi>/resolve-base.sh). These operations are confined to the local repository context and are necessary for the skill's stated purpose of managing clean code increments.
  • [PROMPT_INJECTION]: There is a potential risk of indirect prompt injection if the agent processes malicious code or error logs that contain instructions designed to influence the agent's behavior. This risk is effectively mitigated by the skill's architecture, which includes a 'hardening' phase for the fix plan and a mandatory human-in-the-loop approval gate before execution begins.
  • [DATA_EXFILTRATION]: The skill reads local repository data, including source code, diffs, and error logs, to diagnose issues. However, there are no patterns indicating the unauthorized transmission of this data to external or untrusted domains.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 17, 2026, 02:43 PM
Security Audit — agent-trust-hub — woostack-fix