cs-goal
Pass
Audited by Gen Agent Trust Hub on Jun 30, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill ingests configuration and context from workspace files such as
.codestable/attention.mdand.codestable/reference/system-overview.md. This represents a potential surface for indirect prompt injection, which the skill manages by requiring human-readable reports and maintaining a machine-readable state model. - Ingestion points: Files in
.codestable/and.codestable/reference/directories. - Boundary markers: No explicit delimiters are used for separating project instructions from internal skill logic.
- Capability inventory: File writing, shell command execution for verification, and subagent dispatch.
- Sanitization: No explicit sanitization or filtering of workspace-provided instructions is documented.
- [COMMAND_EXECUTION]: The skill autonomously executes commands to implement code changes and verify outcomes. This is a core functional requirement of the agent and is governed by defined execution conventions and owner-stop rules for destructive or high-risk operations.
Audit Metadata