gsp-doctor
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs diagnostic checks on project files located in
.design/and verifies the health of the local installation within~/.claude/skills/. It uses standard tools (Bash,Read,Glob,Grep) for these tasks. All identified command execution is legitimate for a diagnostic tool and involves no privilege escalation or persistence mechanisms. - [SAFE]: Indirect Prompt Injection Analysis:
- Ingestion points: The skill reads various project documentation files (e.g., BRIEF.md, STATE.md, INDEX.md) which could potentially contain untrusted content.
- Boundary markers: None present.
- Capability inventory: Bash, Read, Glob, Grep.
- Sanitization: Not implemented; however, the skill is explicitly constrained to deterministic, read-only pattern matching tasks, which minimizes the risk of executing instructions embedded in data.
Audit Metadata