VibeCoding Recovery
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is state persistence and recovery within the local environment. It accesses non-sensitive project metadata to facilitate workflow continuity.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by ingesting and displaying data from local state files that could potentially be modified by external sources.
  - Ingestion points: .ai_state/state.json, .ai_state/feature_list.json, .ai_state/progress.json, .ai_state/quality.json, and .ai_state/lessons.md (SKILL.md).
  - Boundary markers: Absent; the agent is instructed to read and output file contents directly into the conversational context.
  - Capability inventory: Orchestrates internal workflow skills (vibecoding-plan, vibecoding-execute, etc.); no direct command execution or network exfiltration capabilities are present in this skill.
  - Sanitization: Absent; the skill relies on the integrity of the project's .ai_state directory for task recovery.