bmad-os-root-cause-analysis

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the gh (GitHub CLI) and git command-line tools to resolve commit SHAs, read repository diffs, and fetch discussion history. It also performs file system write operations to save reports in a local _bmad-output/ directory.
  • [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection (Category 8) because it processes data from external, untrusted sources.
    ◦ Ingestion points: Untrusted data enters the agent context through git diff output, git log entries, and gh pull request or issue discussions.
    ◦ Boundary markers: Absent. There are no instructions for the agent to use delimiters or to ignore potential instructions embedded within the analyzed git data.
    ◦ Capability inventory: The agent can execute shell commands (git, gh) and write files to the local directory structure.
    ◦ Sanitization: Absent. The skill provides no mechanism for escaping or validating the content fetched from the repository history before analysis.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 06:17 PM