brag-sheet
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands like
git,gh, andlsto retrieve the user's recent work history from local repositories and tool configurations. This is necessary for its core function of reconstructing accomplishments. - [EXTERNAL_DOWNLOADS]: The documentation references an optional extension hosted on a Microsoft GitHub repository. As this originates from a well-known and trusted service, it is considered safe and standard for developer-oriented tools.
- [DATA_EXFILTRATION]: While the skill reads local session logs and git history, it does so to present drafts for user review. There is no logic present that attempts to exfiltrate this data to external or untrusted domains.
- [SAFE]: The skill implements best practices for agent behavior, including requiring user confirmation before saving drafts, explicitly prohibiting the fabrication of metrics, and using qualitative evidence when metrics are unavailable.
Audit Metadata