diffity-resolve-tree

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFE [EXTERNAL_DOWNLOADS] [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructions direct the agent to install the diffity CLI tool globally using npm install -g diffity if it is not found on the system.
  • [COMMAND_EXECUTION]: The skill relies on executing various shell commands through the diffity CLI tool, such as diffity agent list, diffity agent reply, and diffity agent resolve, to interact with the repository review session.
  • [PROMPT_INJECTION]: The skill is designed to read and act upon comment threads from an external 'tree browser' which provides untrusted data that could influence the agent's behavior.
      • Ingestion points: Untrusted data enters the agent context through the JSON output of diffity agent list --status open --json, specifically the body field of the comments.
      • Boundary markers: The instructions lack delimiters or specific warnings to the agent to treat the comment text as data rather than instructions.
      • Capability inventory: The agent is authorized to perform file system modifications (code fixes, refactors, documentation updates) and execute CLI replies based on the content of these comments.
      • Sanitization: There is no logic provided to sanitize or validate the content of the comments before the agent interprets them as actionable requests.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 25, 2026, 01:03 AM