bkit-rules
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill defines a set of methodology rules (PDCA) and quality standards for AI agent behavior within the bkit ecosystem.
- [COMMAND_EXECUTION]: The skill provides documentation and configuration examples for defining tool permissions in the environment (e.g., wildcard permissions for
npm,node, andgit). These are instructions for user-level configuration and do not involve autonomous execution of dangerous commands. - [DATA_EXFILTRATION]: Analysis of the level detection logic shows it relies on identifying common project files (e.g.,
terraform,turbo.json,supabase/) to categorize project complexity. No patterns for accessing sensitive files or exfiltrating data to external domains were found. - [REMOTE_CODE_EXECUTION]: The skill mentions hooks (e.g.,
pre-write.js) and imports local templates, but does not contain instructions to download or execute code from untrusted remote sources.
Audit Metadata