update-project
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes git commands (git log --oneline -20, git diff) to detect project history and changes.
- [COMMAND_EXECUTION]: During the validation step in SKILL.md, the agent is instructed to "Run project commands mentioned in docs to verify they work," which involves executing arbitrary shell commands extracted from project documentation.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes and acts upon instructions found in external data sources.
  - Ingestion points: Processes content from README.md, CLAUDE.md, and rule files located in the .claude/ directory.
  - Boundary markers: No explicit delimiters or instructions to ignore embedded commands within the processed documentation are present.
  - Capability inventory: The skill possesses the capability to execute shell commands, scripts, and build steps as part of its validation workflow.
  - Sanitization: There is no evidence of command sanitization, filtering, or verification against a whitelist before execution.
Audit Metadata