prime
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the
git branch --show-currentcommand to retrieve the name of the active development branch. This is used solely to provide metadata for the context report and does not represent a security risk. - [PROMPT_INJECTION]: The skill processes untrusted content from local project files which could theoretically contain instructions designed to manipulate the AI. The skill mitigates this surface by using a separate subagent for summarization and explicitly constraining it to provide short summaries rather than raw data, which prevents external instructions from being directly interpreted by the primary agent context.
Audit Metadata