skills/rysweet/rustyclawd/batch/Gen Agent Trust Hub

batch

Pass

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes codebase content and user requirements to generate implementation plans. This vulnerability is mitigated by a mandatory human-in-the-loop approval step (Phase 3), requiring the user to review and approve the units, file lists, and test commands before agents are dispatched. Additionally, the skill includes explicit instructions to use isolated git worktrees for each task.
  • [COMMAND_EXECUTION]: The skill performs local command execution using standard development tools such as git, grep, find, and gh. These operations are restricted to the local repository context and temporary worktree directories, which is consistent with the skill's primary purpose of codebase orchestration and management.
  • [DATA_EXFILTRATION]: Network activity is limited to git push and gh pr create operations. These operations target the project's officially configured remote repository and are used solely for creating pull requests. No unauthorized data transmission to third-party domains was detected.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 21, 2026, 09:46 PM
Security Audit — agent-trust-hub — batch