cali-product-workflow

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a secure-by-design workflow featuring mandatory human review gates using the 'plannotator' tool before proceeding to execution phases, ensuring user oversight at critical decision points.
  • [SAFE]: The execution phase includes isolation mechanisms, such as optional git worktrees, to prevent conflicts and unintended changes to the host environment when multiple workflows are active.
  • [SAFE]: The 'cali-testing-ai-code' sub-skill promotes security best practices by recommending automated security scanning (SAST) and mutation testing to validate the quality and security of agent-generated code, specifically citing research on AI-specific vulnerabilities.
  • [COMMAND_EXECUTION]: Employs standard system tools such as git, find, and ripgrep, and uses package managers (npm, pip) for legitimate development tasks like tech stack detection, regression testing, and impact analysis.
Audit Metadata
Risk Level: SAFE
Analyzed: May 20, 2026, 09:25 PM