gitflow
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to review external code (ingestion point) and has access to powerful tools including
Bash,Write, andEdit(capability inventory). This creates an attack surface where instructions embedded in the reviewed code could influence agent behavior. No boundary markers or sanitization logic are defined in the instructions to mitigate this risk. - Command Execution (SAFE): The skill includes a 'Memory Protocol' that executes a
bashcommand (cat) to read a local learning file. This is used for context persistence and does not interact with sensitive system files or network resources. - Data Exposure (SAFE): No hardcoded credentials or access to sensitive user configuration files (e.g., SSH, AWS) were detected.
Audit Metadata