compound
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes git commands and grep for analyzing repository changes and managing documentation files. These actions are standard for development environments and are performed locally without elevated privileges.
- [DATA_EXFILTRATION]: The skill reads commit messages and code diffs to generate documentation. There is no evidence of exfiltration to external domains or unauthorized access to sensitive files like credentials or environment variables.
- [PROMPT_INJECTION]: The skill processes data from git history and user input to generate documentation, which represents a surface for indirect prompt injection. Ingestion points: git log, git diff, and user answers. Boundary markers: Absent. Capability inventory: git and grep command execution, and file system writes via git. Sanitization: Absent. This surface is inherent to the skill's purpose and is assessed as safe within its intended development context.
Audit Metadata