install-rules
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill's primary function involves importing external markdown rules, which creates a potential surface for indirect prompt injection.
- Ingestion points: Local plugin rule directory as specified in the workflow phases.
- Boundary markers: None identified; rules are copied directly to the project rules directory.
- Capability inventory: Includes file writing and restricted shell commands for directory management and version control.
- Sanitization: No automated sanitization of rule content is performed.
Audit Metadata