deslop-code
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): Vulnerable to indirect prompt injection as it processes untrusted git diffs and has file-write capabilities. * Ingestion points: Git diff output (SKILL.md). * Boundary markers: Absent. * Capability inventory: Modification/deletion of code, specifically removing defensive checks and try/catch blocks (SKILL.md). * Sanitization: Absent.
- [Command Execution] (MEDIUM): Executes
git diffto identify changes in the repository, which interacts directly with the system environment.
Recommendations
- AI detected serious security threats
Audit Metadata