decision-maker
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill manages git operations including git_commit and git_push. These actions are central to its workflow for version control and code management as described in the Git Workflow section of SKILL.md.\n- [PROMPT_INJECTION]: The agent is susceptible to indirect prompt injection through the ingestion of external data.\n
- Ingestion points: The skill processes "decision beads" from other agents or workflows as described in its primary purpose (SKILL.md).\n
- Boundary markers: Absent; there are no specified delimiters to isolate bead content from the agent's internal instructions or to warn the agent to ignore instructions within the beads.\n
- Capability inventory: The agent can execute git commands (git_commit, git_push) and signal completion (done) through the provided JSON action format.\n
- Sanitization: No sanitization logic, escaping, or validation of external input from the beads is documented in the skill instructions.
Audit Metadata