actualize
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands like
git rev-parseandgit diffto identify changes in the repository. These commands are localized to the project environment and are standard for the skill's stated purpose of auditing. - [PROMPT_INJECTION]: The skill identifies an attack surface for indirect prompt injection (Category 8) by processing external repository data.
- Ingestion points: Reads git diff outputs and the contents of various configuration files (e.g., package.json, requirements.txt, .env.example) and files within the .fpf/ directory.
- Boundary markers: Absent; the skill does not define specific delimiters or instructions to the agent to ignore potentially malicious instructions embedded within the files being audited.
- Capability inventory: The skill is limited to reading local files and executing specific git commands. It does not have the capability to write to arbitrary files, execute shell scripts from strings, or perform network operations.
- Sanitization: Absent; the data from ingested files is reflected directly into the generated Actualization Report without escaping or validation.
Audit Metadata