Skills
skills/peachsolution/peach-harness/peach-doc-feature/Gen Agent Trust Hub

peach-doc-feature

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to analyze the repository's Git history, specifically executing git log to examine commit messages, file change frequency, and file coupling patterns.
  • [PROMPT_INJECTION]: The skill identifies and extracts design rationale from source code comments and Git logs, which creates a surface for indirect prompt injection from untrusted repository content.
  • Ingestion points: Source code files (Read) and Git commit messages (Bash).
  • Boundary markers: Not used; the skill lacks delimiters to separate ingested data from agent instructions.
  • Capability inventory: File system writes (Write), shell execution (Bash), and user interaction (AskUserQuestion).
  • Sanitization: No data sanitization or validation is implemented for the content extracted from the codebase.
Audit Metadata
Risk Level
SAFE
Analyzed
May 3, 2026, 02:26 PM