ah-finalize-code
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands such as
git diff,npm run test:coverage, andpnpm docs:generate. These are part of the intended workflow but interact with the local environment.\n- [PROMPT_INJECTION]: The skill processes code diffs and specification files through LLM subagents, creating a surface for indirect prompt injection.\n - Ingestion points: Reads
git diff,spec.md, and files inspecs/.\n - Boundary markers: No delimiters or safety instructions are used when passing external data to subagents.\n
- Capability inventory: Can modify files, commit to Git, and create PRs.\n
- Sanitization: No input validation or escaping is applied to processed data.
Audit Metadata