forsvn
Pass
Audited by Gen Agent Trust Hub on Jul 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
!shell-execution syntax inreferences/procedures/state-snapshot.mdto gather project status diagnostics (e.g., checking for.forsvn/directory existence, grepping status fromPRODUCT-CONTEXT.md, and listing recent artifacts). These commands are hardcoded, focused purely on environment discovery, and do not incorporate unvalidated user input. - [DYNAMIC_EXECUTION]: The skill includes a local TypeScript script,
scripts/bootstrap-experience.ts, used to initialize the project's memory substrate. The script follows secure coding practices, including checking for and refusing to write through symbolic links and using thewxflag for atomic file creation to prevent unauthorized overwrites. - [PROMPT_INJECTION]: Because the skill ingests data from workspace files (e.g.,
README.md,ICP.md, andPRODUCT-CONTEXT.md), it possesses a surface for indirect prompt injection. However, the system mitigates this risk through a highly structured dispatch process, domain-specific routing chains, and rigorous quality gates defined in the procedural references. - [SAFE]: No malicious patterns, obfuscated code, or unauthorized network exfiltration attempts were identified. The high-privilege tools requested (such as
BashandEdit) are necessary for the skill's function as a project orchestrator and are used within a well-documented framework of anti-patterns and procedural safeguards.
Audit Metadata