skills/oldwinter/skills/supergoal/Gen Agent Trust Hub

supergoal

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes several internal shell scripts (detect-stack.sh, summarize-repo.sh, detect-env.sh) to perform comprehensive discovery of the project stack, repository layout, and local developer environment.
  • [COMMAND_EXECUTION]: The core functionality involves generating a multi-phase /goal command that executes arbitrary shell commands for building, testing, and linting software based on a dynamically generated roadmap.
  • [SAFE]: Employs a mandatory 'Plan Review' stage (Stage 6) which acts as a security hard gate, requiring the user to explicitly approve the generated roadmap, assumptions, and identified risks before any autonomous work is performed.
  • [SAFE]: Implements an automated 'Final Audit' process that validates the repository state against the original plan's deliverables using a dedicated script (repo-state.sh), ensuring the agent has actually performed the work correctly without hallucinating progress.
  • [SAFE]: Utilizes strict directory namespacing (via claim-run.sh) for all artifacts (STATE, ROADMAP, phase specs), preventing data corruption or interference between concurrent autonomous runs.
  • [SAFE]: The skill manages potential indirect prompt injection risks (Category 8) by ingesting repository metadata (ingestion points: project files via recon scripts) and routing it through a human-reviewed planning gate (boundary markers: Stage 6 confirmation) before leveraging its build capabilities (capability inventory: shell execution).
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 10:11 AM
Security Audit — agent-trust-hub — supergoal