NYC

diff-preview

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE | EXTERNAL_DOWNLOADS | PROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (SAFE): The skill installs the 'google-generativeai' library using pip. Since the package is from a trusted organization (Google), the severity is downgraded per [TRUST-SCOPE-RULE].
  • PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection through untrusted data in git diffs.
      • Ingestion points: Diff output from the git diff command (staged, cached, or between branches) is captured in the $DIFF shell variable.
      • Boundary markers: Absent. The $DIFF content is interpolated directly into the LLM prompt string without delimiters or instructions to ignore embedded commands.
      • Capability inventory: The skill primarily executes git commands and shell scripts but allows the output to be interpreted by an AI agent.
      • Sanitization: Absent. No escaping or filtering is applied to the git diff content before it is sent to the LLM.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 05:55 PM