drift-analysis
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Prompt Injection] (SAFE): No direct instructions to bypass filters or override agent constraints were detected.- [Indirect Prompt Injection] (LOW): The skill is susceptible to instructions embedded in external project data.
- Ingestion points: GitHub issues, PR metadata, and documentation files such as PLAN.md and README.md.
- Boundary markers: Absent; the output templates do not use delimiters or instructions to ignore embedded commands.
- Capability inventory: Semantic analysis and markdown report generation via LLM (Opus).
- Sanitization: None provided in the described data collection logic.- [Data Exposure & Exfiltration] (SAFE): The skill accesses the codebase and GitHub data as part of its primary drift-detection purpose. No unauthorized network calls or hardcoded credentials were identified.- [Unverifiable Dependencies] (SAFE): The architecture references a local JavaScript module (collectors.js) but does not perform remote code downloads or untrusted package installations.
Audit Metadata