develop
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the 'just' task runner and 'docker' for building and managing firmware development cycles. These commands are restricted via the frontmatter 'allowed-tools' configuration, following the principle of least privilege.
- [PROMPT_INJECTION]: The skill mentions '$ARGUMENTS' for project selection but provides a clear mapping of valid inputs to specific commands, reducing the risk of arbitrary command injection through user arguments.
- [DATA_EXFILTRATION]: No network operations, credential access, or sensitive file reads were detected. The serial monitoring is performed locally via pyserial.
- [EXTERNAL_DOWNLOADS]: The skill does not include any remote code execution patterns, external script downloads, or package installations.
Audit Metadata