start-feature

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill uses string interpolation to include user-provided arguments directly into shell commands, creating an indirect prompt injection surface.
      • Ingestion points: User-provided arguments ($ARGUMENTS) in SKILL.md.
      • Boundary markers: Absent; user input is not delimited or encapsulated.
      • Capability inventory: The skill uses the Bash tool with access to git commands (Bash(git:*)) as defined in SKILL.md.
      • Sanitization: No sanitization or validation of the input arguments is performed before execution.
  • [COMMAND_EXECUTION]: The skill executes bash commands including 'git flow feature start' and 'git push' with direct interpolation of user input, which could allow for the injection of unintended git flags or command segments if the input contains shell metacharacters.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 13, 2026, 10:32 AM