blueprint-init
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates entirely within the local project directory to establish a documentation framework and manifest file.
- [SAFE]: File discovery is performed using standard Bash commands (find, grep) with static arguments, avoiding risk from untrusted input.
- [SAFE]: All significant actions, such as migrating existing documents or enabling feature tracking, are gated behind user confirmation via the AskUserQuestion tool.
- [SAFE]: The skill proactively recommends security best practices, such as adding task directories to .gitignore and alerting the user to potential secret exposure in configuration folders.
Audit Metadata