pr-retro
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE (flags: COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a suite of bash-based git commands (e.g., git log, git diff, git rev-list) to extract repository statistics and branch history for analysis.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection by processing untrusted data from commit history.
  1. Ingestion points: Git log and diff data ingested in Steps 1 and 7 of SKILL.md.
  2. Boundary markers: Absent; data is processed as part of the report generation.
  3. Capability inventory: Authorized tools include Bash (git), Read, Glob, and Grep.
  4. Sanitization: None; commit subjects and diff snippets are displayed directly.
  The risk is considered low because the data is treated as analysis input rather than as instructions.
- [SAFE]: The 'Self-Review Scan' serves as a security-enhancing feature by searching for and flagging hardcoded credentials, debug statements, and merge conflicts within the branch diff.
Audit Metadata