social-context

Pass

Audited by Gen Agent Trust Hub on Jul 18, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill performs legitimate local file operations (reading and writing social-context.md) to maintain a project configuration file.
  • [DATA_EXFILTRATION]: No network activity, curl, wget, or other data transmission patterns were detected. The skill's scope is strictly limited to the local project environment.
  • [REMOTE_CODE_EXECUTION]: The skill does not include any package installations, remote script downloads, or dynamic execution patterns like eval() or exec().
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests data from an existing social-context.md file to skip redundant interview questions. While this constitutes an untrusted data surface, the skill lacks the operational capabilities (such as shell execution or network requests) that would allow malicious instructions in that file to be exploited. Evidence: Ingestion point at SKILL.md (Workflow Step 11), missing sanitization, but capability inventory is limited to local file writing.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 18, 2026, 07:08 AM
Security Audit — agent-trust-hub — social-context