define-north-star

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns, obfuscation, or unauthorized behaviors were detected in the skill instructions or metadata.
  • [COMMAND_EXECUTION]: The skill does not trigger or suggest the execution of shell commands or subprocesses during its runtime operation.
  • [DATA_EXFILTRATION]: Data access is limited to reading project vision documents and writing a specific north-star metric document to the local docs/ folder. No sensitive system files or credentials are accessed or transmitted.
  • [PROMPT_INJECTION]: The instructions do not contain any bypasses, overrides, or attempts to extract system prompts. The behavior is strictly bounded by the metric derivation framework.
  • [REMOTE_CODE_EXECUTION]: There are no patterns involving remote script downloads or dynamic code evaluation. The installation command mentioned in the README is intended for manual user setup and is not part of the agent's runtime behavior.
Audit Metadata
Risk Level
SAFE
Analyzed
May 9, 2026, 11:15 AM
Security Audit — agent-trust-hub — define-north-star