find-bugs
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the local system commands `git diff` and `gh repo view` to gather information about code changes on the current branch. These are standard developer tools and are used here for read-only purposes.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data (source code and diffs) that may contain malicious instructions designed to subvert the agent's audit process.
  - Ingestion points: Processes output from `git diff` and reads individual modified files as specified in Phase 1.
  - Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore potentially malicious content within the code being analyzed.
  - Capability inventory: The skill is restricted to read-only operations using `git`, `gh`, and file system read access.
  - Sanitization: No sanitization or filtering of the ingested code content is performed before analysis.
Audit Metadata