commit
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands using
nix develop -c mdformatfor file formatting and severalgitcommands (status,diff,add,commit) for repository management. These are standard operations for a development workflow. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it analyzes content from markdown files which could contain malicious instructions intended to influence the agent's behavior during the review process. Ingestion points: Markdown files in
skills/,.claude/,agents/,templates/, and the current directory. Boundary markers: Absent; content is processed directly. Capability inventory: Shell execution vianixandgit. Sanitization: No sanitization of the reviewed content is performed.
Audit Metadata