diffity-learn
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the diffity package globally via npm (npm install -g diffity) if the tool is not already present in the environment.
- [COMMAND_EXECUTION]: Utilizes the Bash tool to perform filesystem operations, initialize git repositories, and interact with the diffity CLI for managing code tours and background tree instances.
- [REMOTE_CODE_EXECUTION]: Automated subagents (build and verify) are designed to generate, run, and test code projects within the workspace to provide interactive feedback and verify technical correctness.
- [PROMPT_INJECTION]: Exposed to indirect prompt injection risks by reading and processing untrusted user-authored code during the verification step, which is then analyzed by an LLM-based subagent.
  - Ingestion points: User code files located in user-* subdirectories (e.g., src/main.rs).
  - Boundary markers: None explicitly defined in the subagent instruction templates.
  - Capability inventory: File system read/write, shell command execution via Bash tool, and code execution via language-specific runners.
  - Sanitization: No explicit sanitization or validation of the user-provided code before it is processed by the verification agent.