micropatch
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands, specifically Git tools like
git logandgit diff, to analyze repository history and identify changes for patch creation.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection viamicropatch.mdfiles. These files are defined as the authoritative source of truth for the agent's actions during the implementation and verification phases. A maliciously crafted patch file could contain instructions designed to trick the agent into performing unauthorized code modifications or executing harmful commands.\n - Ingestion points: Processes content from
micropatch.mdandhints.difffiles provided as input to the skill.\n - Boundary markers: There are no explicit delimiters or instructions to treat the external file content as data rather than instructions.\n
- Capability inventory: The agent has the capability to modify the filesystem, execute Git commands, and run verification steps defined in the 'Definition of Done'.\n
- Sanitization: No validation or sanitization is performed on the instructions, code snippets, or verification commands contained within the patch files.
Audit Metadata