llm-wiki-cadence-governance
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFE, COMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill defines a governance workflow for documentation and repository architecture. No malicious patterns such as prompt injection, data exfiltration, or obfuscation were detected.
- [COMMAND_EXECUTION]: The instructions direct the agent to execute repository-specific tests and validators (e.g., for graph manifests, schemas, and docs). This is a standard development procedure within a workspace and does not involve downloading or executing untrusted remote code.
- [SAFE]: The skill includes an attack surface for indirect prompt injection as it ingests repository content and external technical topics to generate GitHub issues. However, the workflow incorporates strong mitigation through a mandatory 'user approval' gate and 'adversarial review' before any implementation occurs.
  - Ingestion points: Repository information architecture files and external LLM/agent engineering topics.
  - Boundary markers: No explicit delimiters are specified for ingested content.
  - Capability inventory: The skill can create GitHub issues and run local repository validation scripts.
  - Sanitization: The workflow requires human intervention ('user approval') and 'adversarial review' before proposed changes are implemented.