finalize
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [SAFE]: No malicious patterns such as direct prompt injection, data exfiltration, or obfuscation were found in the skill instructions.
- [SAFE]: The skill actively promotes security by requiring the agent to scan for and remove credentials, API keys, and secrets from the code diff before finalizing work.
- [COMMAND_EXECUTION]: The instructions direct the agent to execute the project's test suite to ensure that the cleanup process did not break any existing functionality.
- [PROMPT_INJECTION]: The skill processes untrusted input in the form of code changes (git diff), which presents a surface for indirect prompt injection if malicious instructions are embedded in the code being reviewed.
  - Ingestion points: Code changes read via 'git diff' and 'git diff --staged' (SKILL.md).
  - Boundary markers: Absent; the skill does not provide specific delimiters or 'ignore' instructions for the code content.
  - Capability inventory: The agent is authorized to modify local files (Step 2) and execute shell commands to run tests (Step 3).
  - Sanitization: Absent; the skill does not specify any validation or filtering of the code content before processing.