wolf-instructions

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill establishes a multi-level instruction cascade (Project > Role > Domain > Global) and a command grammar (e.g., AS:, OOC:). These are architectural features designed for agent coordination and behavior management rather than adversarial injection. The framework includes non-overridable 'GLOBAL POLICY' constraints to ensure core security and governance standards remain intact.
  • [COMMAND_EXECUTION]: The skill provides structured patterns for utilizing the GitHub CLI (gh) to perform repository management tasks such as issue creation and pull request handling. These commands are restricted to standard development workflows and follow the principle of least privilege.
  • [DATA_EXFILTRATION]: The skill includes an explicit security policy (security-and-compliance.md) that prohibits the storage of plaintext secrets in code or configuration files and mandates the use of environment variables for sensitive data. This represents a security best practice for preventing accidental data exposure.
  • [EXTERNAL_DOWNLOADS]: The skill references other components within the same vendor ecosystem (wolf-roles, wolf-governance, wolf-principles) as dependencies. No downloads from untrusted third-party sources or unknown remote servers were identified.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 06:08 PM
Security Audit — agent-trust-hub — wolf-instructions