history-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected in the skill's instructions or metadata.
- [NO_CODE]: The skill does not include any executable scripts, binary files, or external dependencies, consisting entirely of documentation and command invocation patterns.
- [PROMPT_INJECTION]: The instructions and example triggers use natural language for task definition and do not contain attempts to bypass safety filters or override system instructions.
- [INDIRECT_PROMPT_INJECTION]: The skill's primary function is to process repository data, which creates a potential surface for indirect prompt injection via commit messages. However, this is inherent to the tool's purpose and no specific vulnerabilities were identified. 1. Ingestion points: Git history, commit messages, and author names via the /sourceatlas:history command. 2. Boundary markers: None specified in the provided markdown. 3. Capability inventory: Repository hotspot and coupling analysis. 4. Sanitization: No sanitization logic is present as the skill contains no processing code.
Audit Metadata