scaffold-gateables
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a legitimate code scaffolding tool. It follows a secure-by-default 'fail-closed' implementation where all gated features return false until manually wired to a monetization provider.
- [COMMAND_EXECUTION]: The instructions involve standard development commands such as
npm run buildandnpm run devto verify the state of the game after modification. These are routine for the intended use case. - [DATA_EXFILTRATION]: Analysis of the skill body shows no network operations, API calls, or remote data transmissions. The tool operates strictly on the local project directory.
- [PROMPT_INJECTION]: There are no indicators of prompt injection, role-play bypasses, or instructions to ignore safety guidelines. The instructional language is focused on procedural implementation logic.
Audit Metadata