Skills
skills/tw93/waza/check/Gen Agent Trust Hub

check

Pass

Audited by Gen Agent Trust Hub on Apr 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes local commands for git operations and project testing (git diff, npm test, cargo check, etc.) as part of its core review and verification functionality.
  • [EXTERNAL_DOWNLOADS]: Includes git fetch origin to synchronize local repository state with the remote origin.
  • [PROMPT_INJECTION]: The skill processes untrustworthy data from git diffs and task files while possessing file modification and command execution capabilities, creating a surface for indirect prompt injection.
  • Ingestion points: Reads content from git diff and local task files (SKILL.md).
  • Boundary markers: No explicit markers are defined to isolate the diff content from the agent's instructions.
  • Capability inventory: Possesses Bash, Edit, Write, and Agent tools across its scripts.
  • Sanitization: Does not perform validation or escaping of the input data before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 5, 2026, 11:43 PM