The Agent Skills Directory

[SAFE]: No malicious patterns, obfuscation, or unauthorized data access were detected. The skill operates within a restricted environment using specific Git subcommands.
[PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes untrusted data from a Git repository's source code and history. 1. Ingestion points: git diff, git show, and the Read tool are used to analyze commit changes. 2. Boundary markers: No specific delimiters or instructions to ignore embedded commands within the analyzed code are provided. 3. Capability inventory: The agent is limited to file reading and specific Git metadata commands; it lacks general shell access, code execution tools, or network capabilities. 4. Sanitization: No content filtering or sanitization is specified. 5. Conclusion: The risk is negligible because the ingestion is core to the skill's purpose and the agent's restricted capabilities prevent the exploitation of any injected instructions.

add-test-coverage