cs-goal

Pass

Audited by Gen Agent Trust Hub on Jun 30, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests configuration and context from workspace files such as .codestable/attention.md and .codestable/reference/system-overview.md. This represents a potential surface for indirect prompt injection, which the skill manages by requiring human-readable reports and maintaining a machine-readable state model.
  • Ingestion points: Files in .codestable/ and .codestable/reference/ directories.
  • Boundary markers: No explicit delimiters are used for separating project instructions from internal skill logic.
  • Capability inventory: File writing, shell command execution for verification, and subagent dispatch.
  • Sanitization: No explicit sanitization or filtering of workspace-provided instructions is documented.
  • [COMMAND_EXECUTION]: The skill autonomously executes commands to implement code changes and verify outcomes. This is a core functional requirement of the agent and is governed by defined execution conventions and owner-stop rules for destructive or high-risk operations.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 30, 2026, 07:23 AM
Security Audit — agent-trust-hub — cs-goal