tv-git-scan
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill executes git status, git diff, and git log commands. These are read-only operations restricted to the local repository context and match the stated purpose.
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted data from git commit messages and diff contents which could attempt to influence the agent's summary. 1. Ingestion points: outputs of git log and git diff. 2. Boundary markers: None. 3. Capability inventory: Restricted to summarization; no network access or file-write capabilities are defined. 4. Sanitization: None.
Audit Metadata