author-contributions
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- COMMAND_EXECUTION (MEDIUM): The skill instructions explicitly direct the agent to 'Write a temp .py script, run it, then delete it.' Runtime script generation and execution bypasses static analysis and increases the attack surface.
- COMMAND_EXECUTION (MEDIUM): The provided 'Alternative Script' is vulnerable to shell injection. It uses unquoted shell variables like '$AUTHOR' within a bash pipeline, which could allow an attacker to execute arbitrary commands if they can influence the author name parameter.
- INDIRECT_PROMPT_INJECTION (LOW): This skill is vulnerable to indirect injection via git metadata. 1. Ingestion points: Data is ingested from 'git log' and 'git diff' outputs. 2. Boundary markers: None are used to delimit git output from processing logic. 3. Capability inventory: The skill can execute shell commands and Python scripts via subprocess. 4. Sanitization: No sanitization of git commit messages or author strings is performed before they are used in logic or displayed.
Audit Metadata