status-reporting
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from sources like Git commit history and issue trackers, which could contain malicious instructions designed to alter the generated report. * Ingestion points: SKILL.md (Git commits, PR descriptions, issue trackers). * Boundary markers: No explicit delimiters or warnings to ignore instructions within the ingested data. * Capability inventory: No code execution, file system access, or network operations are defined in the skill. * Sanitization: No evidence of data sanitization or validation logic.
- [SAFE]: No executable code, scripts, or external dependencies are included in the skill package.
Audit Metadata