trellis-spec-bootstrap

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to install external analysis tools including gitnexus from the npm registry and abcoder from the CloudWeGo GitHub repository. These references target a well-known technology organization and a standard package registry.
  • [COMMAND_EXECUTION]: Includes instructions for running local analysis commands such as npx gitnexus analyze and abcoder parse. These commands are necessary to generate the architectural context required for the skill's primary purpose.
  • [DATA_EXFILTRATION]: The skill analyzes local repository content, including source files and AST structures, to generate documentation. All identified patterns and examples are stored locally in the .trellis/spec/ directory, and no network exfiltration patterns were detected.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 06:16 PM
Security Audit — agent-trust-hub — trellis-spec-bootstrap