commit
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- PROMPT_INJECTION (LOW): Indirect Prompt Injection vulnerability surface.
- Ingestion points: The skill (SKILL.md, step 2) instructs the agent to read all file changes from a git repository to generate summaries.
- Boundary markers: Absent. There are no instructions to delimit the diff data or to treat it as non-executable text.
- Capability inventory: While the skill itself has no scripts, it directs the agent to perform file system reads and git operations.
- Sanitization: Absent. No filtering or validation of the content of the file changes is mentioned.
- NO_CODE (SAFE): The skill consists solely of a markdown file with natural language instructions and contains no scripts, binaries, or external package dependencies.
Audit Metadata