Skills
skills/benredmond/apex/ship/Gen Agent Trust Hub

ship

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection through the processing of untrusted repository data and task descriptions.
  • Ingestion points: Processes content from ./apex/tasks/[ID].md and the output of git diff to provide context for review agents.
  • Boundary markers: Lacks explicit delimiters or instructions to ignore embedded commands when interpolating code diffs into sub-agent prompts.
  • Capability inventory: The skill can modify local files during documentation updates and execute shell commands for git operations (git add, git commit).
  • Sanitization: No sanitization or validation of the ingested code content is performed before it is passed to the review agents.
  • [COMMAND_EXECUTION]: Employs standard git CLI tools for version control management as part of its primary functionality.
  • Evidence: Executes git diff, git status, git add, and git commit to finalize task changes.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 03:26 PM