docs-rfc
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
Full Analysis
- [DYNAMIC_CONTEXT_INJECTION]: The skill uses platform-specific shell execution (the !command syntax) to retrieve the git author's name and discover relevant project files via find and grep during the context-gathering phase. These operations are hardcoded, read-only, and restricted to the local environment.\n- [COMMAND_EXECUTION]: The skill is configured to use the Bash tool with a restricted scope limited to git commands, ensuring it can only perform repository-related lookups for authorship and environment metadata.\n- [DATA_EXPOSURE]: As part of its core workflow, the skill explores the local codebase to identify implementation patterns and technical constraints. This data is used solely to populate the RFC templates within the agent's context and is not exfiltrated.
Audit Metadata