pdca-batch
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements standard workflow management logic. It coordinates between existing PDCA features by reading and writing to a local state file (.bkit/state/pdca-status.json).
- [DATA_EXPOSURE]: Access is restricted to internal project metadata and state files necessary for the skill's primary function. There is no evidence of credential harvesting or sensitive data exfiltration to external services.
- [COMMAND_EXECUTION]: Although the skill has access to the Bash tool, its instructions are scoped to organizational tasks such as status reporting and document initialization. It does not include patterns for arbitrary command execution or shell injection.
- [INDIRECT_PROMPT_INJECTION]: While the skill ingests external data (feature names and JSON state), it functions as a management layer for other agent tasks. There is no indication that processed data is used to override agent instructions.
Audit Metadata