reflect
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure] (LOW): The skill references accessing local git metadata via
git diffandgit statusto summarize session changes. This is intended for the user's retrospective and lacks any network exfiltration capability. - [Prompt Injection] (SAFE): The triggers for "no," "wait," and "but" are used as legitimate signals for course correction and do not represent attempts to bypass AI safety filters or ignore system instructions.
- [Indirect Prompt Injection] (LOW): The skill processes user messages and conversation history to generate its analysis. While this is an ingestion point for untrusted data, the skill's functionality is limited to generating text-based feedback and explicitly prohibits automatic modifications or command execution based on that data.
- [Command Execution] (SAFE): It suggests using standard development tools (git) to analyze progress, which is consistent with the skill's primary purpose for developers.
Audit Metadata