doc-ears-autopilot
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: All file operations are restricted to local directories within the project structure (docs/ and ai_dev_ssd_flow/).
- [COMMAND_EXECUTION]: The skill executes local Python scripts for validation and auditing tasks, such as validate_ears.py and update_traceability_matrix.py, which are provided as part of the toolset. These are vendor-provided scripts within the project's own directory structure.
- [PROMPT_INJECTION]: The skill processes user-supplied PRD documents to extract requirements. Ingestion points: PRD sections 6, 9, 10, 11, 14, and 20. Boundary markers: None. Capability inventory: Local script execution and document generation. Sanitization: None. This ingestion surface is a necessary part of the skill's function and is consistent with the primary purpose of text processing and documentation generation.
Audit Metadata