wiki-researcher
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- Command Execution (LOW): The skill requires the agent to execute shell commands (`git remote get-url origin` and `git rev-parse --abbrev-ref HEAD`) to determine the repository state. While common for development tools, this grants the skill local command execution capabilities.
- Indirect Prompt Injection (LOW): The skill is designed to ingest and interpret code from arbitrary repositories, creating a surface for indirect prompt injection.
  - Ingestion points: Implementation files and documentation within the user's codebase.
  - Boundary markers: Absent. The skill provides no instructions to ignore or treat comments/data within the analyzed files as untrusted.
  - Capability inventory: Extensive file reading and local git command execution.
  - Sanitization: Absent. The skill iterates through code paths and summaries without escaping or validating the content of the analyzed files.
Audit Metadata