Verification & Quality Assurance
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing external data sources during verification tasks.
- Ingestion points: Untrusted data enters the agent context via code files, directories, and task outputs specified through CLI flags such as --file, --directory, and --task in SKILL.md.
- Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the processed content documented in the skill.
- Capability inventory: The skill possesses the ability to perform Git rollbacks, modify files through auto-fix features, and suggests exporting data to external monitoring endpoints via curl.
- Sanitization: The skill does not implement documented sanitization or validation of the content before it is processed by the verification logic.
- [COMMAND_EXECUTION]: The skill promotes the installation of Git pre-commit hooks (via the npx claude-flow@alpha verify install-hook command), which is a persistence mechanism used to ensure the automated execution of verification commands within the developer's local environment. While this is a common development practice, it involves scheduled command execution triggered by local Git events.
Audit Metadata