change-type
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions designed to override AI safety filters or hijack agent behavior were found. The instructional logic is focused on classification tasks.
- [Data Exposure & Exfiltration] (SAFE): The skill does not access sensitive local credentials (e.g., ~/.ssh) or attempt to transmit data to external domains. It strictly analyzes repository file paths to determine change types.
- [Remote Code Execution] (SAFE): There are no patterns involving remote script downloads or piped execution from the internet.
- [Obfuscation] (SAFE): The file contains clear, human-readable markdown and YAML frontmatter with no encoded strings or hidden characters.
- [Indirect Prompt Injection] (LOW): This skill has an inherent ingestion surface as it processes untrusted file paths and code diffs.
- Ingestion points: The skill reads file names and diff content from the current PR or work set.
- Boundary markers: No explicit delimiters or instructions to ignore embedded content are used.
- Capability inventory: The skill is limited to providing text-based recommendations and does not have built-in file-write or network-access capabilities.
- Sanitization: No specific sanitization of the input data is performed. Given the advisory nature of the output, the risk is minimal.
Audit Metadata