develop

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the 'just' task runner and 'docker' for building and managing firmware development cycles. These commands are restricted via the frontmatter 'allowed-tools' configuration, following the principle of least privilege.
  • [PROMPT_INJECTION]: The skill mentions '$ARGUMENTS' for project selection but provides a clear mapping of valid inputs to specific commands, reducing the risk of arbitrary command injection through user arguments.
  • [DATA_EXFILTRATION]: No network operations, credential access, or sensitive file reads were detected. The serial monitoring is performed locally via pyserial.
  • [EXTERNAL_DOWNLOADS]: The skill does not include any remote code execution patterns, external script downloads, or package installations.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 08:45 AM
Security Audit — agent-trust-hub — develop