bl-record
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to execute git commands on the local system, specifically
git status,git add -A,git branchless record,git checkout --detach, andgit sl. This is the primary and intended function of the skill for managing source control. - [PROMPT_INJECTION]: The skill contains an attack surface for indirect prompt injection through the user-provided commit message argument.
- Ingestion points: The
<message>argument inSKILL.mdis provided by the user and interpolated into thegit branchless recordcommand. - Boundary markers: No explicit boundary markers or instruction-ignoring delimiters are used in the command execution templates.
- Capability inventory: The skill has the capability to execute shell commands via the git CLI.
- Sanitization: There is no explicit sanitization or shell-escaping mentioned in the skill logic for the user-supplied message. However, this is considered a low-risk surface for a developer productivity tool.
Audit Metadata