completion-validation

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [SAFE]: The skill is purely instructional and designed to improve the reliability and honesty of the agent's reporting. It contains no malicious code, remote downloads, or obfuscation techniques.
  • [COMMAND_EXECUTION]: The instructions require the agent to execute standard development commands (e.g., npm test, tsc, git log, pm2 logs) to gather evidence for task completion. This is standard behavior for an agent intended for software development tasks.
  • [INDIRECT_PROMPT_INJECTION]: The skill instructs the agent to read and process output from various external commands and log files.
  • Ingestion points: Command outputs and logs referenced in SKILL.md (e.g., test runner outputs, PM2 logs).
  • Boundary markers: None explicitly defined in the instructions for the output data.
  • Capability inventory: Subprocess execution for development tools (npm, git, pm2, etc.) defined across the operational logic.
  • Sanitization: No specific sanitization or escaping of the ingested command output is mentioned.
  • While this ingestion creates a theoretical surface for indirect prompt injection, it is the primary and intended function of the skill to validate work, and the risk is assessed as minimal within the context of development workflows.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 05:46 PM
Security Audit — agent-trust-hub — completion-validation