health-project-context
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates as a purely local analysis tool with no network capabilities or external dependencies. It identifies jurisdiction, audience, and project stage based on repository evidence and persists this context in a local YAML file with user confirmation.
- [PROMPT_INJECTION]: The skill instructions include a 'Prompt injection boundary' section. This is a defensive measure that explicitly directs the agent to treat repository content as data and ignore any embedded directives (such as 'ignore previous instructions'). The static analysis hit for prompt injection is a false positive triggered by this protective warning text.
- [DATA_EXFILTRATION]: No data exfiltration risks were identified. The skill only reads files within the target repository and writes to a single specific path (
.health-context.yaml) at the repository root. It does not perform any HTTP requests or data transmissions. - [COMMAND_EXECUTION]: The skill does not utilize shell commands, subprocesses, or dynamic code execution. Its logic is based on pattern matching and inference from existing text files within the repository.
Audit Metadata