wiki-qa
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill instructs the agent to execute `git remote get-url origin` and `git rev-parse --abbrev-ref HEAD`. These are read-only, informational commands necessary for resolving the source repository context and do not pose a significant security risk in this context.
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection (Category 8) because it ingests and processes untrusted data from the local repository files.
  - Ingestion points: Local source files read during the `search` and `read` steps.
  - Boundary markers: None explicitly defined to distinguish between source code and potential embedded instructions.
  - Capability inventory: File system read access, subprocess execution of informational `git` commands.
  - Sanitization: No explicit sanitization or filtering of file content is described before processing or citation generation.
Audit Metadata