historical-pattern-analysis
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: LOWCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill executes local shell commands including git, sort, uniq, head, and xargs to analyze repository history. These are standard tools for the stated purpose of historical analysis. Evidence: Shell snippets in SKILL.md.
- PROMPT_INJECTION (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) because it ingests untrusted data from git history. 1. Ingestion points: Commit messages and file names via git log and git show. 2. Boundary markers: Absent; there are no instructions to ignore embedded commands within commit messages. 3. Capability inventory: Local shell command execution for analysis and report generation. 4. Sanitization: Absent; the skill directly processes and reports on historical data.
Audit Metadata