supergoal
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes several internal shell scripts (
detect-stack.sh,summarize-repo.sh,detect-env.sh) to perform comprehensive discovery of the project stack, repository layout, and local developer environment. - [COMMAND_EXECUTION]: The core functionality involves generating a multi-phase
/goalcommand that executes arbitrary shell commands for building, testing, and linting software based on a dynamically generated roadmap. - [SAFE]: Employs a mandatory 'Plan Review' stage (Stage 6) which acts as a security hard gate, requiring the user to explicitly approve the generated roadmap, assumptions, and identified risks before any autonomous work is performed.
- [SAFE]: Implements an automated 'Final Audit' process that validates the repository state against the original plan's deliverables using a dedicated script (
repo-state.sh), ensuring the agent has actually performed the work correctly without hallucinating progress. - [SAFE]: Utilizes strict directory namespacing (via
claim-run.sh) for all artifacts (STATE, ROADMAP, phase specs), preventing data corruption or interference between concurrent autonomous runs. - [SAFE]: The skill manages potential indirect prompt injection risks (Category 8) by ingesting repository metadata (ingestion points: project files via recon scripts) and routing it through a human-reviewed planning gate (boundary markers: Stage 6 confirmation) before leveraging its build capabilities (capability inventory: shell execution).
Audit Metadata