Skills
skills/jintanba/claude-pm-skills/dev-daily/Gen Agent Trust Hub

dev-daily

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses git and gh (GitHub CLI) to perform various operations, including retrieving the current user's login, listing project items, and extracting commit logs and diffs. These operations are essential for the skill's stated purpose of workflow automation.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes untrusted data from external sources (GitHub commit messages, Pull Request titles, and Issue descriptions). Malicious instructions embedded in these fields could potentially influence the agent's behavior when generating summaries or reports.
  • Ingestion points: git log, gh pr list, and gh project item-list in SKILL.md.
  • Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are present when processing external content.
  • Capability inventory: The skill has the capability to execute shell commands (git, gh) and format output for the user.
  • Sanitization: No evidence of sanitization or validation of the ingested strings before they are interpolated into the report generation prompt.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 6, 2026, 03:21 AM