1k-app-upgrade-test
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes standard bash commands for git operations and build number calculations. These actions are aligned with the stated purpose of managing test versions.
- [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection (Category 8) due to the way it handles user input. 1. Ingestion points: User provides the 'test_version' variable. 2. Boundary markers: No specific delimiters or instructions are used to separate user input from the execution context of the bash tool. 3. Capability inventory: Access to Bash (git, date), Write, and Edit tools allows for repository state changes and modification of CI/CD workflows (.github/workflows). 4. Sanitization: The instructions do not define sanitization or validation logic for the input before it is passed to shell commands like 'git checkout -b', potentially allowing command injection if an attacker provides a malformed version string.
Audit Metadata