ziw-setup
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is instructed to identify and execute commands discovered within the repository's configuration files (e.g., package.json, Makefile, Justfile, and CI workflows) to verify the status of install, build, and test gates.
- [DATA_EXFILTRATION]: The instructions require the agent to inspect sensitive local resources, including environment files, deployment config, and service inventories. This data exposure risk is mitigated by an explicit safety policy that forbids including secrets, tokens, or private logs in the output lookup table.
- [PROMPT_INJECTION]: The skill is designed to ingest data from untrusted external sources such as issue tracker bodies, PR comments, and CI logs. It addresses indirect prompt injection through a formal 'Instruction Trust Boundaries' section that directs the agent to treat this context as untrusted and prevents it from overriding core security or workflow policies.
Audit Metadata