clean-artifacts

Pass

Audited by Gen Agent Trust Hub on Jul 4, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill uses dynamic context injection (the '!' syntax) in the SKILL.md file to execute benign local commands for status reporting, such as counting markdown files and checking the git history of the manifest. These operations are restricted to local disk and version control metadata.
  • [SAFE]: Supporting scripts like manifest-sync.ts and bootstrap-experience.ts implement robust path validation, ensuring that file writes and reads remain within the project scope and refusing to follow or overwrite symbolic links.
  • [SAFE]: The skill defines clear 'HARD-NEVER' rules that prevent the agent from touching sensitive directories like .git, node_modules, or canonical research and brand folders, regardless of their age or manifest status.
  • [SAFE]: The process for archiving files includes a mandatory human-in-the-loop confirmation step for each category of artifacts identified (STALE, ORPHAN, LEGACY, EPHEMERAL), ensuring the operator retains final control over all changes.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 4, 2026, 10:16 PM
Security Audit — agent-trust-hub — clean-artifacts