lifecycleinventory-review
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the
tiangongCLI through a Node.js wrapper script (scripts/run-review.mjs). This is the core functionality for performing reviews of process and lifecycle model artifacts. - [DATA_EXFILTRATION]: The skill operates on local file paths provided via command-line arguments (e.g.,
--run-dir,--out-dir). It does not demonstrate any patterns for exfiltrating sensitive data to external servers. - [PROMPT_INJECTION]: The skill instructions and metadata do not contain any patterns intended to bypass safety filters or override the agent's core behavioral constraints.
- [REMOTE_CODE_EXECUTION]: No instances of remote code execution or fetching of unverified scripts from external sources were found. The skill relies on local environment configuration and vendor-provided CLI tools.
Audit Metadata