git-history-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute standard git commands, including 'git log', 'git blame', and 'git shortlog', to analyze repository history and contributor expertise. These commands are utilized for their intended analytical purposes.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it parses and summarizes potentially untrusted data from git history. Ingestion points: The agent retrieves commit messages and code history using 'git log' and 'git blame' (SKILL.md). Boundary markers: There are no specific delimiters or 'ignore embedded instructions' warnings provided to isolate history data from the agent's core instructions. Capability inventory: The agent has the capability to execute shell commands (git) and present analysis based on the retrieved content. Sanitization: No sanitization or filtering of commit messages or code snippets is specified before the data is processed.
Audit Metadata