audit
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill instructions (SKILL.md) correctly implement auditing logic without introducing malicious overrides or safety bypasses. It uses standard git commands such as git diff and git log to gather context for repository reviews.
- [EXTERNAL_DOWNLOADS]: Installation instructions involve downloading the skill markdown file from the author's official GitHub repository (adewale/audit-skill). This is a standard and transparent distribution method.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes external codebase data. 1. Ingestion points: Git diff outputs, git logs, and codebase files (e.g., .py, .js, .md) analyzed by sub-agents. 2. Boundary markers: Absent in the skill instructions. 3. Capability inventory: Read-only access to repository files and metadata via git commands. 4. Sanitization: No explicit sanitization or filtering of analyzed content is performed.
Audit Metadata