Skills
skills/unlearndev/skills/triage/Gen Agent Trust Hub

triage

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes the content of changed files from untrusted branches or pull requests. A malicious file could contain instructions designed to manipulate the agent's triage summary or behavior.\n
  • Ingestion points: Step 2 in SKILL.md uses the Read tool to ingest file content from the changes detected in step 1.\n
  • Boundary markers: No specific delimiters or "ignore" instructions are provided to separate file content from the agent's own task instructions.\n
  • Capability inventory: The agent has access to Bash (git commands), Read, Grep, and Glob tools.\n
  • Sanitization: No sanitization or validation of the ingested file content is performed prior to the agent processing it for categorization.
Audit Metadata
Risk Level
SAFE
Analyzed
May 6, 2026, 01:21 PM