NYC

branch-comparison

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • SAFE (SAFE): The skill follows established software engineering patterns for analysis and documentation. No indicators of credential theft, remote code execution from untrusted sources, or persistence mechanisms were found.
  • COMMAND_EXECUTION (LOW): The skill uses the Bash tool to perform git operations (diff, stat, log). While this allows command execution, the commands are limited to local repository analysis.
  • DATA_EXPOSURE (LOW): The skill accesses source code and commit history, which is essential for its primary function. There are no network tools (curl, wget) or external domains involved, minimizing exfiltration risk.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill processes untrusted code changes from different branches. Evidence:
      1. Ingestion points: Git diff/log output and file Read operations.
      2. Boundary markers: Headings are used for structure but no explicit delimiters isolate untrusted data.
      3. Capability inventory: Bash, Write, Edit, Grep.
      4. Sanitization: Not explicitly defined.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:26 PM