wf0-status
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions involve executing standard git commands such as 'git status' and 'git worktree' to retrieve information about the current branch and repository state. This is essential for the tool's primary purpose.
- [PROMPT_INJECTION]: The skill processes data from the local environment, including branch names and local configuration files ('state.json', '.wf/local.json'). This represents an indirect prompt injection surface. Ingestion points: Data is read from 'state.json', '.wf/local.json', and git output. Boundary markers: Absent. Capability inventory: Subprocess calls for git commands and file read operations. Sanitization: Absent. The risk is assessed as negligible as the data is used for status reporting.
Audit Metadata