cuopt-developer
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a set of non-negotiable 'Refusal Rules' that instruct the agent to decline harmful operations, including privileged commands (sudo), destructive actions (rm -rf), and writes outside the project workspace.
- [SAFE]: Static analysis triggers for code execution patterns in
benchmark/evals.jsonare false positives. These instances are safety test cases (e.g.,dev-038-injection-eval-user-inputanddev-023-injection-curl-bash) used to ensure the agent correctly identifies and refuses malicious user requests. - [SAFE]: Dependency management is strictly controlled through a central
dependencies.yamlfile and automated hooks, preventing ad-hoc or unauthorized package installations during development. - [SAFE]: The skill follows secure contribution practices, such as requiring Developer Certificate of Origin (DCO) sign-offs for all commits and utilizing a fork-based pull request workflow.
Audit Metadata