skills/hungv47/meta-skills/forsvn/Gen Agent Trust Hub

forsvn

Pass

Audited by Gen Agent Trust Hub on Jul 4, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the ! shell-execution syntax in references/procedures/state-snapshot.md to gather project status diagnostics (e.g., checking for .forsvn/ directory existence, grepping status from PRODUCT-CONTEXT.md, and listing recent artifacts). These commands are hardcoded, focused purely on environment discovery, and do not incorporate unvalidated user input.
  • [DYNAMIC_EXECUTION]: The skill includes a local TypeScript script, scripts/bootstrap-experience.ts, used to initialize the project's memory substrate. The script follows secure coding practices, including checking for and refusing to write through symbolic links and using the wx flag for atomic file creation to prevent unauthorized overwrites.
  • [PROMPT_INJECTION]: Because the skill ingests data from workspace files (e.g., README.md, ICP.md, and PRODUCT-CONTEXT.md), it possesses a surface for indirect prompt injection. However, the system mitigates this risk through a highly structured dispatch process, domain-specific routing chains, and rigorous quality gates defined in the procedural references.
  • [SAFE]: No malicious patterns, obfuscated code, or unauthorized network exfiltration attempts were identified. The high-privilege tools requested (such as Bash and Edit) are necessary for the skill's function as a project orchestrator and are used within a well-documented framework of anti-patterns and procedural safeguards.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 4, 2026, 10:16 PM
Security Audit — agent-trust-hub — forsvn