discovery
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates within a restricted scope of managing local markdown documentation for product discovery. All file operations are targeted at specific project subdirectories (./plans/).
- [PROMPT_INJECTION]: No patterns of instruction override, role-play jailbreaks, or safety filter bypasses were found in the instructions or metadata.
- [DATA_EXFILTRATION]: The skill does not perform any network operations and does not attempt to access sensitive credentials or system configuration files (e.g., .env, .ssh, .aws).
- [REMOTE_CODE_EXECUTION]: There are no external dependencies, third-party package installations, or dynamic code execution patterns identified in the codebase.
- [COMMAND_EXECUTION]: While the skill explores the codebase to assess feasibility, it does so using standard file-reading capabilities; no arbitrary shell command execution or privilege escalation attempts were detected.
Audit Metadata