review-proposal-auto
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill restricts its file operations to the docs/threads/ directory. It reads proposal files and writes report files within this scope, preventing access to sensitive system configuration or user data.
- [SAFE]: There is no evidence of network activity, external dependency fetching, or remote code execution. All logic is contained within the instructions and executed using the agent's native text processing capabilities.
- [SAFE]: The skill does not include any obfuscation, hardcoded credentials, or persistence mechanisms.
- [SAFE]: Although the skill processes untrusted input (the proposal artifacts), its capability is limited to emitting markdown reports. It lacks access to dangerous tools (like shell execution or network requests) that could be exploited via indirect prompt injection.
Audit Metadata