Skills
skills/sd0xdev/sd0x-dev-flow/git-investigate/Gen Agent Trust Hub

git-investigate

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface
  • Ingestion points: The skill processes untrusted data from git history, including commit messages and author details, as well as file content via tools like git log, git show, and Read as specified in SKILL.md and references/commands.md.
  • Boundary markers: The workflow lacks explicit delimiters or instructions for the agent to distinguish between its internal instructions and potentially malicious content embedded in the git data it investigates.
  • Capability inventory: The skill has access to Bash(git:*) for executing git commands and the Read tool for accessing local files, which are used to analyze and report on code history.
  • Sanitization: There are no mechanisms described to sanitize, escape, or validate input received from external git records or file contents before the agent processes the data.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 06:41 AM