premortem
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes several local shell commands for functional purposes:
curlis used to send POST requests to localhost:31337 for user notifications;echoanddateare used to append execution logs to a local JSONL file;bunis used to run the local report generation tool; andrg(ripgrep) is used to scan the skill directory for potential PII during maintenance. - [DATA_EXFILTRATION]: Network operations are performed via
curl, but these are restricted to communication withlocalhostfor environment-specific notifications, which does not constitute external exfiltration. - [SAFE]: The skill follows secure practices, including input validation and HTML escaping in its custom reporting tool (
GenerateReport.ts). It includes a 'public pre-flight' utility to prevent the accidental inclusion of personal data or credentials in the skill files.
Audit Metadata