checkpoint-read

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local git commands, specifically git log and git show, to retrieve commit history and details. These operations are used as intended for context recovery and are restricted to read-only queries within the local repository.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes Git commit messages and diffs, which are considered untrusted external data. There is a theoretical risk that malicious instructions embedded in a commit message could influence the agent's summarized output.
      • Ingestion points: Commit history and full commit details are ingested via git log and git show in Steps 1 and 2.
      • Boundary markers: None identified; the agent is instructed to summarize the content directly into specific categories.
      • Capability inventory: The skill is restricted to read-only Git commands and lacks file-write or network capabilities.
      • Sanitization: No sanitization or filtering of commit message content is performed before summarization.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 09:32 PM