Skills
skills/bulls-cows/skills/yy-refresh/Gen Agent Trust Hub

yy-refresh

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes local system commands including git diff, git status, and grep to identify and analyze code changes within the user's repository.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it ingests untrusted data from local files and git diff outputs into the agent's context without explicit sanitization.
  • Ingestion points: Local file content and git difference outputs are processed in SKILL.md (Stages 2 and 3).
  • Boundary markers: The workflow lacks specific delimiters or system instructions to ignore potential commands embedded within the code files being read.
  • Capability inventory: The skill employs git for repository metadata, read for file access, and grep for searching within files.
  • Sanitization: No evidence of content filtering or escaping of the ingested data was identified in the instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 23, 2026, 12:44 AM