Skills
skills/apiiro/marketplace/apiiro-diff-scan/Gen Agent Trust Hub

apiiro-diff-scan

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the apiiro CLI tool (apiiro diff-scan) to compare git references. This is the intended primary function for security risk assessment in CI/CD pipelines.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes external, untrusted git repository content via the CLI tool.
  • Ingestion points: Repository URLs, branch names, and commit hashes are passed to the apiiro command, which then analyzes the content of the referenced git repository (SKILL.md).
  • Boundary markers: None are present in the provided command examples to separate tool output from agent instructions.
  • Capability inventory: The skill uses subprocess execution via the apiiro CLI command.
  • Sanitization: No explicit sanitization or validation of the repository data or CLI output is defined in the instruction file.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 09:29 PM