pull-request-descriptor
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses local git and shell commands to extract commit history, analyze code diffs, and save the generated markdown reports into a local directory. These operations are within the standard scope for productivity tools and are used for their primary intended purpose.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it analyzes data from external sources (commit messages and code diffs) that could contain malicious instructions.
  - Ingestion points: Outputs from git log and git diff (SKILL.md).
  - Boundary markers: None. The skill does not use specific delimiters or instructions to ignore embedded commands within the git data.
  - Capability inventory: File system write access (cat, mkdir) and local execution of git commands.
  - Sanitization: No sanitization or validation of the commit history or diff content is performed before processing.