skills/simota/agent-skills/Rewind/Gen Agent Trust Hub

Rewind

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill analyzes untrusted external data including git commit messages, PR descriptions, and issue tickets. This presents an indirect prompt injection surface where malicious instructions embedded in the git history could attempt to manipulate the agent's behavior.
      • Ingestion points: Git history logs and commit details (SKILL.md, references/best-practices.md).
      • Boundary markers: No explicit delimiters or instructions are used to isolate untrusted text from the agent's core logic.
      • Capability inventory: The agent has the ability to execute shell commands via git bisect run and a helper script.
      • Sanitization: No sanitization of commit metadata or PR content is implemented.
  • [COMMAND_EXECUTION]: The skill's primary function involves executing arbitrary shell commands to verify test states during regression analysis. This occurs through the standard git bisect run functionality and a provided automation shell script.
      • Evidence: Reference to git bisect run in references/git-commands.md and the execution of a test command variable in the rewind_bisect.sh script found in references/framework-templates.md.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 02:18 AM