cleanup
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes various git commands to review project state and manage uncommitted changes. It also runs project-specific linting, testing, and auditing tools based on the detected environment (Node.js, Python, Rust, Go).
- [REMOTE_CODE_EXECUTION]: The skill invokes arbitrary project-defined scripts (e.g., 'npm run test:coverage') and package manager commands that may download updates or execute remote code (e.g., 'npm audit fix', 'npx eslint').
- [PROMPT_INJECTION]: The instructions mandate an autonomous operating mode, directing the agent to complete all checks and fixes without developer interaction until the final approval phase. This is intended to streamline the user experience.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted code changes and project manifests. Ingestion points: Git diff output, package.json, and source files. Boundary markers: None specified for the ingested content. Capability inventory: Shell command execution and file writing. Sanitization: The risk is mitigated by a mandatory user review and selection step at the end of the workflow.
Audit Metadata