sprint-sync
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local development commands to gather context. Specifically, it runs `git log --oneline -10` to retrieve commit history, and `npm run test` and `npm run build` to capture project metrics and status. These are standard developer operations but involve subprocess execution.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection vulnerability surface.
  * Ingestion points: The skill reads project documentation (`context/PROJECT_STATE.md`) and command output from `git log`.
  * Boundary markers: No explicit delimiters or instructions are used to distinguish between trusted instructions and untrusted data from the git history.
  * Capability inventory: The skill has the ability to write to the file system (updating `PROJECT_STATE.md` and archiving sessions) and execute shell commands.
  * Sanitization: There is no evidence of sanitization or filtering applied to external data (like commit messages) before it is processed by the agent.
Audit Metadata