sred-work-summary
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses local shell commands such as
find,sed, anddateto identify git repositories and determine date ranges for data collection. These are standard utility commands for project discovery and do not represent a security risk in this context. - [INDIRECT_PROMPT_INJECTION]: The skill processes content from external sources (GitHub PRs, Notion documents, and Linear tickets), creating a surface for potential indirect prompt injection if those sources contain malicious instructions. 1. Ingestion points: GitHub PR titles/descriptions, Notion document content, and Linear ticket details (identified in Steps 4, 6, and 7). 2. Boundary markers: No explicit delimiters or boundary markers are defined to isolate the ingested content from the agent's instructions. 3. Capability inventory: Shell command execution (find, sed, date, gh) and read/write capabilities for Notion, GitHub, and Linear via MCPs. 4. Sanitization: No sanitization or validation of the ingested content is performed before it is summarized and written to the Notion document.
Audit Metadata