learning-log-generator
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill executes local `git log` commands to retrieve history from the `notes/` directory. This is a functional requirement for the skill's stated purpose but involves interacting with the system shell.
- PROMPT_INJECTION (LOW): Detected an indirect prompt injection surface (Category 8) where the skill processes untrusted external data.
  - Ingestion points: Commit messages retrieved via `git log` and the content of markdown files in the `notes/` directory (frontmatter, headers, and summaries).
  - Boundary markers: Absent. The instructions do not specify delimiters or warnings to ignore instructions that might be embedded within the notes or commit messages.
  - Capability inventory: The skill uses `git` via subprocess to read metadata and file lists. It does not currently demonstrate file-write or network capabilities.
  - Sanitization: No sanitization or validation logic is defined to clean data extracted from the repository before it is interpreted by the agent for recap generation.
Audit Metadata