erk-diff-analysis

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill consists entirely of markdown-based instructions and prompt templates. It does not include any executable code, scripts, or automation logic.
  • [DATA_EXPOSURE]: No hardcoded credentials, API keys, or sensitive file paths were detected within the skill files.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes git diffs, which are considered untrusted external data. While an attacker could theoretically embed instructions within a code diff, the skill lacks any capabilities (such as command execution, file system modification, or network access) to act upon such instructions. The risk is limited to minor manipulation of the generated text output.
  • [COMMAND_EXECUTION]: There are no shell commands, subprocess calls, or dynamic execution patterns present in the provided files.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 8, 2026, 03:20 AM