consistency-check
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, NO_CODE
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the ability to execute shell commands to 'Run the linters' and 'Commit the changes to the Git working copy'. This provides a path for executing project-defined tools and modifying the local repository.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted content from the codebase being analyzed.
  1. Ingestion points: Reads all files in the software project including code, configuration, and documentation.
  2. Boundary markers: No delimiters or instructions to ignore embedded commands are present in the skill definition.
  3. Capability inventory: The agent has capabilities to modify local files, execute linter commands, and perform git commits.
  4. Sanitization: No sanitization or validation of the analyzed content is performed; the agent may inadvertently follow instructions embedded in code comments or documentation.
- [NO_CODE]: The skill consists only of natural language instructions in the SKILL.md file and does not include any accompanying scripts, libraries, or binary executables.
Audit Metadata