Skills
skills/rj-yingjunjie/skill-hub/example-skill/Gen Agent Trust Hub

example-skill

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes git diff --cached to retrieve staged changes. This is a local read operation necessary for the skill's primary function and does not involve elevated privileges.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it analyzes untrusted data (code changes) without sanitization.
  • Ingestion points: Staged changes from git diff --cached in SKILL.md.
  • Boundary markers: No delimiters or warnings are used to separate code from instructions.
  • Capability inventory: Limited to local read-only access to git metadata; no network or file-write capabilities were found.
  • Sanitization: The skill does not escape or validate the contents of the diff before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 06:33 PM