principle-build-the-lever
Pass
Audited by Gen Agent Trust Hub on Jul 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists entirely of markdown content providing methodological guidance for AI agents. It does not include any executable scripts, binaries, or configuration files that could pose a security risk.
- [SAFE]: No sensitive data exposure or exfiltration patterns were detected. There are no hardcoded credentials, API keys, or access to sensitive local file paths (e.g., .ssh, .aws).
- [SAFE]: No remote code execution or external downloads are present. The references to 'spawn-codex-worker' and 'codex exec' appear to be instructions for using internal environment tools rather than commands to fetch and run external content.
- [SAFE]: There is no evidence of prompt injection or attempts to bypass security filters. The instructions are focused on improving the reliability and reviewability of the agent's work output.
Audit Metadata