pull-latest-code

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructions define a workflow requiring the agent to execute several system commands, including git stash, git pull --rebase, and git stash pop, to manage the repository state.
  • [EXTERNAL_DOWNLOADS]: The skill performs network operations to fetch and download updates from remote Git servers.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by ingesting external data.
      1. Ingestion points: Content is pulled from remote Git repositories (SKILL.md).
      2. Boundary markers: No delimiters or protective instructions are specified to handle the pulled content.
      3. Capability inventory: The skill leverages command execution capabilities for git operations (SKILL.md).
      4. Sanitization: No sanitization or verification of the external code is performed before it enters the environment.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 13, 2026, 09:44 AM