agent-change-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill consists entirely of markdown instructions and metadata. It does not contain scripts, executables, or code logic.
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access behaviors were detected.
- [PROMPT_INJECTION]: The skill processes untrusted code diffs and source files, which creates a surface for indirect prompt injection. This is inherent to the skill's primary function as an analysis tool. 1. Ingestion points: raw diffs and source files; 2. Boundary markers: none; 3. Capability inventory: Read, Grep, Glob, Bash, LS, TodoWrite; 4. Sanitization: none.
Audit Metadata