dig-dig
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: Uses
git cloneandlsto retrieve and verify repository content for documentation research. This allows the agent to access the latest source code of libraries.- [EXTERNAL_DOWNLOADS]: Fetches library source code from GitHub repositories to provide up-to-date documentation and API information.- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted content from third-party repositories. - Ingestion points: Files downloaded from external GitHub repositories are processed by a subagent.
- Boundary markers: The instructions do not specify delimiters to separate untrusted code from the agent's system instructions.
- Capability inventory: Includes shell command execution and subagent tasking for file exploration.
- Sanitization: The skill does not perform content filtering or sanitization on the source code before exploration.
Audit Metadata