verification-before-completion
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The skill uses strong imperative language to define operational boundaries and reporting standards. While it uses markers like 'IMPORTANT' and 'NON-NEGOTIABLE', these are directed at ensuring task accuracy and honesty rather than bypassing safety filters or extracting system prompts.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or network operations were detected. The skill focuses on local command verification.
- Indirect Prompt Injection (SAFE): The skill describes a workflow that ingests external data (command outputs and VCS diffs), which is a potential injection surface.
- Ingestion points: Command execution outputs and version control system (VCS) diffs as described in
SKILL.md. - Boundary markers: Absent; the skill does not specify the use of delimiters when reading external outputs.
- Capability inventory: The instructions involve running system commands and performing VCS actions (committing/creating PRs).
- Sanitization: Absent; the skill does not provide instructions for sanitizing or escaping the data read from external sources.
- Unverifiable Dependencies & Remote Code Execution (SAFE): No package installations or remote script downloads are present.
Audit Metadata